US8966045B1 - Identity migration apparatus and method - Google Patents

Identity migration apparatus and method Download PDF

Info

Publication number
US8966045B1
US8966045B1 US13/686,700 US201213686700A US8966045B1 US 8966045 B1 US8966045 B1 US 8966045B1 US 201213686700 A US201213686700 A US 201213686700A US 8966045 B1 US8966045 B1 US 8966045B1
Authority
US
United States
Prior art keywords
migration
managed
locally
identity
account groups
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
US13/686,700
Inventor
Nikolay Vanyukhin
Oleg Shevnin
Alexey Korotich
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Quest Software Inc
Original Assignee
Dell Software Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dell Software Inc filed Critical Dell Software Inc
Priority to US13/686,700 priority Critical patent/US8966045B1/en
Application granted granted Critical
Publication of US8966045B1 publication Critical patent/US8966045B1/en
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT reassignment CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT SECURITY AGREEMENT Assignors: AVENTAIL LLC, DELL PRODUCTS, L.P., DELL SOFTWARE INC.
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT reassignment THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT SECURITY AGREEMENT Assignors: AVENTAIL LLC, DELL PRODUCTS L.P., DELL SOFTWARE INC.
Assigned to AVENTAIL LLC, DELL SOFTWARE INC., DELL PRODUCTS L.P. reassignment AVENTAIL LLC RELEASE OF SECURITY INTEREST IN CERTAIN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040039/0642) Assignors: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.
Assigned to DELL SOFTWARE INC., DELL PRODUCTS, L.P., AVENTAIL LLC reassignment DELL SOFTWARE INC. RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT reassignment CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT FIRST LIEN PATENT SECURITY AGREEMENT Assignors: DELL SOFTWARE INC.
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT reassignment CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT SECOND LIEN PATENT SECURITY AGREEMENT Assignors: DELL SOFTWARE INC.
Assigned to AVENTAIL LLC, QUEST SOFTWARE INC. (F/K/A DELL SOFTWARE INC.) reassignment AVENTAIL LLC CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNEE PREVIOUSLY RECORDED AT REEL: 040587 FRAME: 0624. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT. Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH
Assigned to AVENTAIL LLC, QUEST SOFTWARE INC. (F/K/A DELL SOFTWARE INC.) reassignment AVENTAIL LLC RELEASE OF FIRST LIEN SECURITY INTEREST IN PATENTS RECORDED AT R/F 040581/0850 Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT reassignment CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT SECOND LIEN PATENT SECURITY AGREEMENT Assignors: QUEST SOFTWARE INC.
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT reassignment CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT FIRST LIEN PATENT SECURITY AGREEMENT Assignors: QUEST SOFTWARE INC.
Assigned to QUEST SOFTWARE INC. reassignment QUEST SOFTWARE INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: KOROTICH, ALEXEY, SHEVNIN, OLEG, VANYUKHIN, NIKOLAY
Assigned to DELL SOFTWARE INC. reassignment DELL SOFTWARE INC. CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: QUEST SOFTWARE, INC.
Assigned to QUEST SOFTWARE INC. reassignment QUEST SOFTWARE INC. CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: DELL SOFTWARE INC.
Assigned to GOLDMAN SACHS BANK USA reassignment GOLDMAN SACHS BANK USA FIRST LIEN INTELLECTUAL PROPERTY SECURITY AGREEMENT Assignors: ANALYTIX DATA SERVICES INC., BINARYTREE.COM LLC, erwin, Inc., One Identity LLC, ONE IDENTITY SOFTWARE INTERNATIONAL DESIGNATED ACTIVITY COMPANY, OneLogin, Inc., QUEST SOFTWARE INC.
Assigned to MORGAN STANLEY SENIOR FUNDING, INC. reassignment MORGAN STANLEY SENIOR FUNDING, INC. SECOND LIEN INTELLECTUAL PROPERTY SECURITY AGREEMENT Assignors: ANALYTIX DATA SERVICES INC., BINARYTREE.COM LLC, erwin, Inc., One Identity LLC, ONE IDENTITY SOFTWARE INTERNATIONAL DESIGNATED ACTIVITY COMPANY, OneLogin, Inc., QUEST SOFTWARE INC.
Assigned to QUEST SOFTWARE INC. reassignment QUEST SOFTWARE INC. RELEASE OF SECOND LIEN SECURITY INTEREST IN PATENTS Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT
Assigned to QUEST SOFTWARE INC. reassignment QUEST SOFTWARE INC. RELEASE OF FIRST LIEN SECURITY INTEREST IN PATENTS Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements

Definitions

  • the present invention relates to migrating network identities. Specifically, the invention relates to computer program products and methods for migrating network identities to a centralized management server.
  • a single organization may have multiple computer networks.
  • a business may have a separate network for the Human Resources department, the Accounting department, and the Sales department.
  • the user For a single user to log on to each network, the user must have a user identity registered with each network. As the number of network identities increases, so does the difficulty of managing the identities and the difficulty for each employee to remember their user identification information. Consequently, consolidating identities from multiple networks into a single management system is beneficial.
  • the present invention has been developed in response to the present state of the art, and in particular, in response to the problems and needs in the art that have not yet been fully solved by currently available identity migration solutions. Accordingly, the present invention has been developed to provide an apparatus and a method to centralize identity management that overcome many or all of the above-discussed shortcomings in the art.
  • a method to centralize identity management includes the operations of providing one or more interface controls, and receiving and validating data to enable a user to create a migration project, specify locally-managed identities to be migrated to centrally-managed identities, specify migration rules for the migration project, and specify a schedule for the migration project.
  • the method also includes migrating the selected identities according to the specified rules and schedule.
  • the method may also include the operation of providing an interface controls to modify the migration rules to resolve identity migration errors.
  • the method may include the operation of providing interface controls to enable a user to communicate an identity map to at least one server, specify accounts to be included in an account group, manually correct identity migration errors, and to halt, roll back, and resume a migration process.
  • an apparatus to centralize identity management includes a project management module that provides one or more interface controls that enable a user to create a migration project, and an identity selection module that provides one or more interface controls that enable a user to specify locally-managed identities to be migrated to centrally-managed identities.
  • the apparatus also includes a migration rule editor control that provides interfaces to enable a user to specify migration rules for the project that specify how the locally-managed identities are to be migrated to centrally-managed identities.
  • the migration rule editor may also enable the user to modify existing migration rules to resolve identity migration errors.
  • the apparatus may also include a scheduling module that provides one or more interface controls that enable a user to schedule the migration project.
  • the apparatus includes a communication module that retrieves locally-managed identities from at least one server.
  • the communication module may also provide an interface control that enables a user to communicate an identity map to one or more servers, and communicate the identity map to the specified server(s).
  • the apparatus may also include a group management module that provides one or more interface controls that enable a user to specify accounts to be included in an account group, and an account mapping module that provides one or more interface controls that enable a user to manually correct identity migration errors.
  • the apparatus may also include a migration process management module that provides interface controls that enables a user to halt a migration process, roll back a migration process, or resume a migration process.
  • FIG. 1 is a block diagram of one embodiment of an identity migration program apparatus in accordance with the present invention.
  • FIG. 2 is a screenshot diagram of one embodiment of an identity migration project management interface in accordance with the present invention.
  • FIG. 3 is a screenshot diagram of one embodiment of an identity selection interface in accordance with the present invention.
  • FIG. 4 is a screenshot diagram of one embodiment of an identity migration rule editor interface in accordance with the present invention.
  • FIG. 5 is a screenshot diagram of one embodiment of an identity migration scheduling interface in accordance with the present invention.
  • FIG. 6 is a screenshot diagram of one embodiment of an identity migration process control interface in accordance with the present invention.
  • FIG. 7 is a screenshot diagram of one embodiment of an identity group migration interface in accordance with the present invention.
  • FIG. 8 is a screenshot diagram of one embodiment of an identity migration rule correction interface in accordance with the present invention.
  • FIG. 9 is a screenshot diagram of one embodiment of a manual identity mapping interface in accordance with the present invention.
  • FIG. 10 is one embodiment of a method to migrate locally-managed identities to centrally-managed identities in accordance with the present invention.
  • modules may be implemented as a hardware circuit comprising custom VLSI circuits or gate arrays, off-the-shelf semiconductors such as logic chips, transistors, or other discrete components.
  • a module may also be implemented in programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices or the like.
  • Modules may also be implemented in software for execution by various types of processors.
  • An identified module of executable code may, for instance, comprise one or more physical or logical blocks of computer instructions which may, for instance, be organized as an object, procedure, or function. Nevertheless, the executables of an identified module need not be physically located together, but may comprise disparate instructions stored in different locations which, when joined logically together, comprise the module and achieve the stated purpose for the module.
  • a module of executable code could be a single instruction, or many instructions, and may even be distributed over several different code segments, among different programs, and across several memory devices.
  • operational data may be identified and illustrated herein within modules, and may be embodied in any suitable form and organized within any suitable type of data structure. The operational data may be collected as a single data set, or may be distributed over different locations including over different storage devices, and may exist, at least partially, merely as electronic signals on a system or network.
  • FIG. 1 is a block diagram of one embodiment of an identity migration program 100 and associated datastore 105 in accordance with the present invention.
  • the identity migration program 100 a project management module 110 , an identity selection module 120 , a scheduling module 130 , a communication module 140 , a group management module 150 , an account mapping module 160 , a migration process management module 170 , and an execution module 180 .
  • the identity migration program 100 facilitates migrating locally-managed identities to centrally-managed identities.
  • the modules of the identity migration program 100 may be located on a single computer or distributed among various computing components within an enterprise.
  • the project datastore 105 is the repository for data related to migration projects.
  • the project datastore 105 is a database.
  • the project datastore 105 receives data from the communication module 140 that was received by the various modules of the identity migration program 100 , whether entered by users or gathered from locally-managed or centrally-managed servers.
  • the project datastore 105 archives copies of identity migration maps distributed to locally-managed or centrally-managed servers.
  • the project management module 110 accepts input, validates the received data, and stores data associated with managing identity migration projects.
  • data collected by the project management module 110 includes a project name, a project description, and credentials for authenticating to source and target systems.
  • the project management module 110 may receive project-related data from other modules of the identity migration program 100 to be stored in a project data store 105 or the like.
  • the identity selection module 120 facilitates selecting locally-managed identities to be migrated to centrally-managed identities.
  • the identity selection module 120 provides interface controls, and receives and validates input from the user directing the identity migration program 100 to search for locally-managed computers on a network and extract identity information from the computers.
  • the identity selection module 120 may utilize the communication module 140 to fulfill the user requests, display identity data retrieved by the communication module 140 , and accept input from the user to select identities to be migrated.
  • the scheduling module 130 facilitates scheduling of identity migration projects.
  • the scheduling module 130 provides interface controls to run an identity migration project immediately, at a specified time in the future, or on a periodic schedule.
  • the scheduling module 130 utilizes features of the host operating system to schedule the migration project.
  • the scheduling module 130 registers the project with a background (“daemon”) process that directs the execution module 180 to executes the scheduled migration project.
  • the communication module 140 manages communication between modules of the identity migration program 100 and various external entities.
  • the communication module 140 receives requests from the identity selection module 120 to retrieve identities from locally-managed computers specified by a user.
  • the communication module 140 receives identities from migration agents located on locally-managed systems.
  • the communication module 140 may communicate an identity map to a server.
  • the communication module 140 displays an interface control that enables the user to select a server to which the identity map is to be communicated.
  • the communication module 140 retrieves data required by the various modules of the identity migration program 100 , such as group membership data, identity attributes, resources associated with an identity, or the like.
  • the communication module 140 may communicate identity maps to migration agents on locally-managed or centrally-managed servers.
  • the communication module 140 may also communicate with an external database configured to store migration project data.
  • the group management module 150 provides an interface control that enables the user to specify locally-managed accounts to be migrated to centrally-managed account groups. In one embodiment, the group management module 150 migrates locally-managed account groups to centrally-managed account groups in an automated process not requiring direct user input.
  • identity groups are conceptually different in various identity management and directory services systems, and identity group migration is best accomplished with user input.
  • Active Directory groups are hierarchical and different permissions can be granted at different nesting levels. UNIX groups cannot be nested. Active Directory groups have security identities (SID) that are guaranteed to be unique across an enterprise.
  • SID security identities
  • GID UNIX group ID
  • GID UNIX group ID
  • the account mapping module 160 provides an interface control to manually correct identity migration errors.
  • Application of identity migration rules may result in multiple accounts belonging to the same person with different IDs, or identities belonging to multiple users may be migrated to the same account.
  • identity migration rules may result in multiple accounts belonging to the same person with different IDs, or identities belonging to multiple users may be migrated to the same account.
  • the most efficient approach may be to modify identity migration rules to produce fewer migration errors.
  • the most efficient approach may be to manually correct the errors and map locally-managed identities to the correct centrally-managed identities.
  • the account mapping module 160 displays a list of locally-managed identities and the centrally-managed identities to which they are mapped.
  • the account mapping module 160 may also provide interface controls to unmap a locally-managed identity from a centrally-managed identity and remap it to a different identity or to create a new identity to which to map it.
  • the migration process management module 170 provides interface controls that enable the user to monitor and control the status of migration projects. In one embodiment, the migration process management module 170 provides a control to enable the user to specify conditions that cause the migration process to be interrupted. The user may then check the progress of the migration project and execute other programs to perform necessary operations not performed by the identity migration program 100 . The migration process management module 170 then provides a control to resume the migration project. In one embodiment, the migration process management module 170 provides controls to verify, commit, or roll back a migration project.
  • the execution module 180 executes the migration project according to the migration rules and schedule specified for the project.
  • the execution module comprises processes distributed among various computing components within an enterprise, such as locally-managed servers, a migration server, and centrally-managed servers.
  • FIG. 2 is a screenshot diagram of one embodiment of an identity migration project management interface 200 in accordance with the present invention.
  • the identity migration project management interface 200 includes a project type control 210 , a project name control 220 , an account domain control 230 , credential controls 240 , and a project creation control 250 .
  • the identity migration project management interface 200 facilitates management of identity management projects.
  • the identity migration project management interface 200 is implemented as a wizard or a single dialog with controls such as drop-down menus, text boxes, radio buttons, check boxes, combo boxes, or the like.
  • the project type control 210 is a drop-down menu that enables the user to select from a predefined set of project types.
  • the project name control 220 is a text box in which the user may enter a name for the project.
  • the account domain control 230 is a text box in which the user may enter the name of the NIS domain from which identities are to be migrated.
  • the credential controls 240 receive the account ID and password to be used to authenticate to the specified domain. When all the necessary information has been entered, the user may activate the project creation control 250 to apply the specified parameters.
  • FIG. 3 is a screenshot diagram of one embodiment of an identity selection interface 300 in accordance with the present invention.
  • the identity selection interface 300 includes an identity search control 310 , an identity list control 320 , an identity inclusion control 330 , and an identity exclusion control 340 .
  • the identity selection interface 300 facilitates the selection of locally-managed identities to be migrated to centrally-managed identities.
  • the user may employ the identity search control 310 to search for locally-managed identities to be migrated.
  • the identity list control 320 displays discovered identities.
  • the user may select identities from the identity list control 320 to be excluded from the migration project by activating the identity exclusion control 340 .
  • identities to be migrated have been added to the identity list control 320
  • the user may activate the identity inclusion control 330 to add the identities to the migration project.
  • FIG. 4 is a screenshot diagram of one embodiment of an identity migration rule editor interface 400 in accordance with the present invention.
  • the identity migration rule editor interface 400 includes a migration rule condition editor dialog 410 and an identity mapping dialog 450 .
  • the migration rule condition editor dialog 410 includes a locally-managed identity selection control 420 and a centrally-managed identity selection control 430 .
  • the identity mapping dialog 450 includes an identity selection control 460 and an identity migration rule execution control 470 .
  • the identity migration rule editor interface 400 facilitates creating and editing rules governing the migration of locally-managed identities to centrally-managed identities.
  • the user may utilize the migration rule condition editor dialog 410 to edit conditions under which locally-managed UNIX identities are migrated to centrally-managed Active Directory identities. Rules may also specify which properties are migrated with the identities.
  • the locally-managed identity selection control 420 describes properties of the locally-managed identity to be mapped to corresponding properties selected in the centrally-managed identity selection control 430 .
  • the user may employ the identity selection control 460 to specify the mapping between locally-managed identities and centrally-managed identities. When the mappings are complete, the user may activate the identity migration rule execution control 470 to execute the specified rule set.
  • FIG. 5 is a screenshot diagram of one embodiment of an identity migration scheduling interface 500 in accordance with the present invention.
  • the identity migration scheduling interface 500 includes a run immediately control 510 , a one-time execution scheduling control 520 , a repeated execution scheduling control 530 , and a schedule application control 540 .
  • the identity migration scheduling interface 500 facilitates the scheduling of one-time or repeated execution of identity management projects.
  • the run immediately control 510 is a radio button that the user may select to execute the migration project immediately.
  • the one-time execution scheduling control 520 includes controls to specify a date and time at which the migration project is to be executed.
  • the repeated execution scheduling control 530 enables the user to specify a day of the week and time at which the migration project will be executed on a weekly basis.
  • the scheduling option may be activated using the schedule application control 540 .
  • the identity migration scheduling interface 500 provides interface controls to schedule phases or processes of the migration project according to separate schedules.
  • FIG. 6 is a screenshot diagram of one embodiment of an identity migration process control interface 600 in accordance with the present invention.
  • the identity migration process control interface 600 includes a migration map verification status control 610 , a halt migration condition control 620 , a resume migration control 630 , a migration map verification control 640 , a commit migration map control 650 , and a migration rollback control 660 .
  • the identity migration process control interface 600 facilitates control of the identity migration process.
  • the depicted embodiment of the identity migration process control 600 enables the user to monitor and control the progress of a migration project.
  • the migration map verification status control 610 displays the status of identities being migrated.
  • the halt migration condition control 620 enables the user to specify conditions that cause the migration process to be interrupted. The user may then check the progress of the migration project and execute other programs to perform necessary operations not performed by the identity migration program 100 . The user may then use the resume migration control 630 to resume execution of the migration project.
  • the depicted embodiment includes a migration map verification control 640 , a commit migration map control 650 , and a migration rollback control 660 to respectively verify, commit, or roll back operation of the migration project.
  • FIG. 7 is a screenshot diagram of one embodiment of an identity group migration interface 700 in accordance with the present invention.
  • the identity group migration interface 700 includes a group selection control 710 and a group migration rule execution control 720 .
  • the identity group migration interface 700 facilitates migration of locally-managed identity groups to centrally-managed identity groups.
  • the user may utilize the group selection control 710 to map locally-managed UNIX groups to centrally-managed Active Directory groups.
  • the user may activate the group migration rule execution control 720 to apply the specified rule set.
  • FIG. 8 is a screenshot diagram of one embodiment of an identity migration rule correction interface 800 in accordance with the present invention.
  • the identity migration rule correction interface 800 includes a rule execution order control 810 , a rule list control 820 , and a rule execution control 830 .
  • the identity migration rule correction interface 800 facilitates correction of identity migration rules.
  • the rule list control 820 displays the migration rules included in the migration project, in the order in which they are to be executed.
  • the user may select rules from the list and change the order in which they are to be executed using the rule execution order control 810 .
  • the user may execute the migration rules by activating the rule execution control 830 .
  • the migration project can be adjusted to yield fewer identity migration errors.
  • FIG. 9 is a screenshot diagram of one embodiment of a manual identity mapping interface 900 in accordance with the present invention.
  • the manual identity mapping interface 900 includes an identity selection control 910 , and identity list control 920 , an identity map completion control 930 , and an identity group control 940 .
  • the manual identity mapping interface 900 facilitates manually mapping locally-managed identities to centrally-managed identities.
  • the user may utilize the depicted embodiment of the manual identity mapping interface to manually correct identity migration errors in an identity migration project.
  • the user may search for locally-managed identities using the identity selection control 910 .
  • Discovered identities are displayed in the identity list control 920 .
  • Group membership may be preserved by selecting options in the identity group control 940 .
  • the user may add the specified identity mappings by activating the identity map completion control 930 .
  • FIG. 10 is one embodiment of an identity migration method 1000 in accordance with the present invention.
  • the identity migration method 1000 includes a provide project control(s) operation 1010 , a provide identity control(s) operation 1020 , a provide rule control(s) operation 1030 , a provide schedule control(s) operation 1040 , and a migrate identities operation 1050 .
  • the identity migration method 1000 facilitates the migration of locally-managed identities to centrally-managed identities.
  • the specified controls are displayed to gather the associated parameters for the identity migration project.
  • the operation of the identity migration method 1000 are displayed in a sequential order, the user may enter the required information in any order, so long as all the required parameters are entered before the migrate identities operation 1050 is executed by the execution module 180 or the like.

Abstract

An identity migration program provides interfaces for a user to manage operations for migrating locally-managed identities to centrally-managed identities. The provided interfaces include a project management interface, an identity selection interface, a migration rule editor interface, and a project scheduling interface. In certain embodiments, the identity migration program includes a communication module that provides interfaces for managing communication between the identity migration program and locally-managed and centrally-managed servers. Interfaces may also be provided to manage identity group migration and migration error resolution. A migration process management interface enables the user to halt, roll back, or resume a migration project.

Description

This application hereby incorporates by reference the entirety of the disclosure of each application set forth in the foreign and domestic priority sections of the Application Data Sheet filed herewith.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to migrating network identities. Specifically, the invention relates to computer program products and methods for migrating network identities to a centralized management server.
2. Description of the Related Art
A single organization may have multiple computer networks. For example, a business may have a separate network for the Human Resources department, the Accounting department, and the Sales department. For a single user to log on to each network, the user must have a user identity registered with each network. As the number of network identities increases, so does the difficulty of managing the identities and the difficulty for each employee to remember their user identification information. Consequently, consolidating identities from multiple networks into a single management system is beneficial.
SUMMARY OF THE INVENTION
The present invention has been developed in response to the present state of the art, and in particular, in response to the problems and needs in the art that have not yet been fully solved by currently available identity migration solutions. Accordingly, the present invention has been developed to provide an apparatus and a method to centralize identity management that overcome many or all of the above-discussed shortcomings in the art.
In one aspect of the present invention, a method to centralize identity management includes the operations of providing one or more interface controls, and receiving and validating data to enable a user to create a migration project, specify locally-managed identities to be migrated to centrally-managed identities, specify migration rules for the migration project, and specify a schedule for the migration project. The method also includes migrating the selected identities according to the specified rules and schedule. The method may also include the operation of providing an interface controls to modify the migration rules to resolve identity migration errors.
In certain embodiments, the method may include the operation of providing interface controls to enable a user to communicate an identity map to at least one server, specify accounts to be included in an account group, manually correct identity migration errors, and to halt, roll back, and resume a migration process.
In another aspect of the present invention, an apparatus to centralize identity management is presented. In certain embodiments, the apparatus includes a project management module that provides one or more interface controls that enable a user to create a migration project, and an identity selection module that provides one or more interface controls that enable a user to specify locally-managed identities to be migrated to centrally-managed identities. The apparatus also includes a migration rule editor control that provides interfaces to enable a user to specify migration rules for the project that specify how the locally-managed identities are to be migrated to centrally-managed identities. The migration rule editor may also enable the user to modify existing migration rules to resolve identity migration errors. The apparatus may also include a scheduling module that provides one or more interface controls that enable a user to schedule the migration project.
In certain embodiments, the apparatus includes a communication module that retrieves locally-managed identities from at least one server. The communication module may also provide an interface control that enables a user to communicate an identity map to one or more servers, and communicate the identity map to the specified server(s). The apparatus may also include a group management module that provides one or more interface controls that enable a user to specify accounts to be included in an account group, and an account mapping module that provides one or more interface controls that enable a user to manually correct identity migration errors. The apparatus may also include a migration process management module that provides interface controls that enables a user to halt a migration process, roll back a migration process, or resume a migration process.
It should be noted that reference throughout this specification to features, advantages, or similar language does not imply that all of the features and advantages that may be realized with the present invention should be or are in any single embodiment of the invention. Rather, language referring to the features and advantages is understood to mean that a specific feature, advantage, or characteristic described in connection with an embodiment is included in at least one embodiment of the present invention. Thus, discussion of the features and advantages, and similar language, throughout this specification may, but do not necessarily, refer to the same embodiment.
Furthermore, the described features, advantages, and characteristics of the invention may be combined in any suitable manner in one or more embodiments. One skilled in the relevant art will recognize that the invention can be practiced without one or more of the specific features or advantages of a particular embodiment. In other instances, additional features and advantages may be recognized in certain embodiments that may not be present in all embodiments of the invention.
BRIEF DESCRIPTION OF THE DRAWINGS
In order that the advantages of the invention will be readily understood, a more particular description of the invention briefly described above will be rendered by reference to specific embodiments that are illustrated in the appended drawings. Understanding that these drawings depict only typical embodiments of the invention and are not therefore to be considered to be limiting of its scope, the invention will be described and explained with additional specificity and detail through the use of the accompanying drawings, in which:
FIG. 1 is a block diagram of one embodiment of an identity migration program apparatus in accordance with the present invention;
FIG. 2 is a screenshot diagram of one embodiment of an identity migration project management interface in accordance with the present invention;
FIG. 3 is a screenshot diagram of one embodiment of an identity selection interface in accordance with the present invention;
FIG. 4 is a screenshot diagram of one embodiment of an identity migration rule editor interface in accordance with the present invention;
FIG. 5 is a screenshot diagram of one embodiment of an identity migration scheduling interface in accordance with the present invention;
FIG. 6 is a screenshot diagram of one embodiment of an identity migration process control interface in accordance with the present invention;
FIG. 7 is a screenshot diagram of one embodiment of an identity group migration interface in accordance with the present invention;
FIG. 8 is a screenshot diagram of one embodiment of an identity migration rule correction interface in accordance with the present invention;
FIG. 9 is a screenshot diagram of one embodiment of a manual identity mapping interface in accordance with the present invention; and
FIG. 10 is one embodiment of a method to migrate locally-managed identities to centrally-managed identities in accordance with the present invention.
 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
It will be readily understood that the components of the present invention, as generally described and illustrated in the Figures herein, may be arranged and designed in a wide variety of different configurations. Thus, the following more detailed description of the embodiments of the apparatus and method of the present invention, as represented in the attached Figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention.
Many of the functional units described in this specification have been labeled as modules, in order to more particularly emphasize their implementation independence. For example, a module may be implemented as a hardware circuit comprising custom VLSI circuits or gate arrays, off-the-shelf semiconductors such as logic chips, transistors, or other discrete components. A module may also be implemented in programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices or the like.
Modules may also be implemented in software for execution by various types of processors. An identified module of executable code may, for instance, comprise one or more physical or logical blocks of computer instructions which may, for instance, be organized as an object, procedure, or function. Nevertheless, the executables of an identified module need not be physically located together, but may comprise disparate instructions stored in different locations which, when joined logically together, comprise the module and achieve the stated purpose for the module.
Indeed, a module of executable code could be a single instruction, or many instructions, and may even be distributed over several different code segments, among different programs, and across several memory devices. Similarly, operational data may be identified and illustrated herein within modules, and may be embodied in any suitable form and organized within any suitable type of data structure. The operational data may be collected as a single data set, or may be distributed over different locations including over different storage devices, and may exist, at least partially, merely as electronic signals on a system or network.
In the following description, numerous specific details are provided, such as examples of programming, software modules, user selections, network transactions, database queries, database structures, hardware modules, hardware circuits, hardware chips, etc., to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention can be practiced without one or more of the specific details, or with other methods, components, materials, and so forth. In other instances, well-known structures, materials, or operations are not shown or described in detail to avoid obscuring aspects of the invention.
The features, structures, or characteristics of the invention described throughout this specification may be combined in any suitable manner in one or more embodiments. For example, reference throughout this specification to “one embodiment,” “an embodiment,” or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases “in one embodiment,” “in an embodiment,” or similar language throughout this specification do not necessarily all refer to the same embodiment and the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Turning now to the figures, FIG. 1 is a block diagram of one embodiment of an identity migration program 100 and associated datastore 105 in accordance with the present invention. The identity migration program 100 a project management module 110, an identity selection module 120, a scheduling module 130, a communication module 140, a group management module 150, an account mapping module 160, a migration process management module 170, and an execution module 180. The identity migration program 100 facilitates migrating locally-managed identities to centrally-managed identities. The modules of the identity migration program 100 may be located on a single computer or distributed among various computing components within an enterprise.
The project datastore 105 is the repository for data related to migration projects. In the depicted embodiment, the project datastore 105 is a database. In one embodiment, the project datastore 105 receives data from the communication module 140 that was received by the various modules of the identity migration program 100, whether entered by users or gathered from locally-managed or centrally-managed servers. In one embodiment, the project datastore 105 archives copies of identity migration maps distributed to locally-managed or centrally-managed servers.
The project management module 110 accepts input, validates the received data, and stores data associated with managing identity migration projects. In various embodiments, data collected by the project management module 110 includes a project name, a project description, and credentials for authenticating to source and target systems. The project management module 110 may receive project-related data from other modules of the identity migration program 100 to be stored in a project data store 105 or the like.
The identity selection module 120 facilitates selecting locally-managed identities to be migrated to centrally-managed identities. In one embodiment, the identity selection module 120 provides interface controls, and receives and validates input from the user directing the identity migration program 100 to search for locally-managed computers on a network and extract identity information from the computers. The identity selection module 120 may utilize the communication module 140 to fulfill the user requests, display identity data retrieved by the communication module 140, and accept input from the user to select identities to be migrated.
The scheduling module 130 facilitates scheduling of identity migration projects. In one embodiment, the scheduling module 130 provides interface controls to run an identity migration project immediately, at a specified time in the future, or on a periodic schedule. In one embodiment, the scheduling module 130 utilizes features of the host operating system to schedule the migration project. In another embodiment, the scheduling module 130 registers the project with a background (“daemon”) process that directs the execution module 180 to executes the scheduled migration project.
The communication module 140 manages communication between modules of the identity migration program 100 and various external entities. In one embodiment, the communication module 140 receives requests from the identity selection module 120 to retrieve identities from locally-managed computers specified by a user. In one embodiment, the communication module 140 receives identities from migration agents located on locally-managed systems. The communication module 140 may communicate an identity map to a server. In one embodiment, the communication module 140 displays an interface control that enables the user to select a server to which the identity map is to be communicated. In various embodiments, the communication module 140 retrieves data required by the various modules of the identity migration program 100, such as group membership data, identity attributes, resources associated with an identity, or the like. In various embodiments, the communication module 140 may communicate identity maps to migration agents on locally-managed or centrally-managed servers. The communication module 140 may also communicate with an external database configured to store migration project data.
The group management module 150 provides an interface control that enables the user to specify locally-managed accounts to be migrated to centrally-managed account groups. In one embodiment, the group management module 150 migrates locally-managed account groups to centrally-managed account groups in an automated process not requiring direct user input. One skilled in the art, however, will recognize that identity groups are conceptually different in various identity management and directory services systems, and identity group migration is best accomplished with user input. For example, Active Directory groups are hierarchical and different permissions can be granted at different nesting levels. UNIX groups cannot be nested. Active Directory groups have security identities (SID) that are guaranteed to be unique across an enterprise. The UNIX group ID (GID) is an integer that can easily coincide with the IDs of groups in other source repositories.
The account mapping module 160 provides an interface control to manually correct identity migration errors. Application of identity migration rules may result in multiple accounts belonging to the same person with different IDs, or identities belonging to multiple users may be migrated to the same account. When many of these identity migration errors occur, the most efficient approach may be to modify identity migration rules to produce fewer migration errors. When few migration errors occur, the most efficient approach may be to manually correct the errors and map locally-managed identities to the correct centrally-managed identities. In one embodiment, the account mapping module 160 displays a list of locally-managed identities and the centrally-managed identities to which they are mapped. The account mapping module 160 may also provide interface controls to unmap a locally-managed identity from a centrally-managed identity and remap it to a different identity or to create a new identity to which to map it.
The migration process management module 170 provides interface controls that enable the user to monitor and control the status of migration projects. In one embodiment, the migration process management module 170 provides a control to enable the user to specify conditions that cause the migration process to be interrupted. The user may then check the progress of the migration project and execute other programs to perform necessary operations not performed by the identity migration program 100. The migration process management module 170 then provides a control to resume the migration project. In one embodiment, the migration process management module 170 provides controls to verify, commit, or roll back a migration project.
The execution module 180 executes the migration project according to the migration rules and schedule specified for the project. In one embodiment, the execution module comprises processes distributed among various computing components within an enterprise, such as locally-managed servers, a migration server, and centrally-managed servers.
FIG. 2 is a screenshot diagram of one embodiment of an identity migration project management interface 200 in accordance with the present invention. The identity migration project management interface 200 includes a project type control 210, a project name control 220, an account domain control 230, credential controls 240, and a project creation control 250. The identity migration project management interface 200 facilitates management of identity management projects.
In various embodiments, the identity migration project management interface 200 is implemented as a wizard or a single dialog with controls such as drop-down menus, text boxes, radio buttons, check boxes, combo boxes, or the like. In the embodiment depicted in FIG. 2, the project type control 210 is a drop-down menu that enables the user to select from a predefined set of project types. The project name control 220 is a text box in which the user may enter a name for the project. The account domain control 230 is a text box in which the user may enter the name of the NIS domain from which identities are to be migrated. The credential controls 240 receive the account ID and password to be used to authenticate to the specified domain. When all the necessary information has been entered, the user may activate the project creation control 250 to apply the specified parameters.
FIG. 3 is a screenshot diagram of one embodiment of an identity selection interface 300 in accordance with the present invention. The identity selection interface 300 includes an identity search control 310, an identity list control 320, an identity inclusion control 330, and an identity exclusion control 340. The identity selection interface 300 facilitates the selection of locally-managed identities to be migrated to centrally-managed identities.
In the embodiment depicted in FIG. 3, the user may employ the identity search control 310 to search for locally-managed identities to be migrated. The identity list control 320 displays discovered identities. The user may select identities from the identity list control 320 to be excluded from the migration project by activating the identity exclusion control 340. When identities to be migrated have been added to the identity list control 320, the user may activate the identity inclusion control 330 to add the identities to the migration project.
FIG. 4 is a screenshot diagram of one embodiment of an identity migration rule editor interface 400 in accordance with the present invention. The identity migration rule editor interface 400 includes a migration rule condition editor dialog 410 and an identity mapping dialog 450. The migration rule condition editor dialog 410 includes a locally-managed identity selection control 420 and a centrally-managed identity selection control 430. The identity mapping dialog 450 includes an identity selection control 460 and an identity migration rule execution control 470. The identity migration rule editor interface 400 facilitates creating and editing rules governing the migration of locally-managed identities to centrally-managed identities.
In the embodiment depicted in FIG. 4, the user may utilize the migration rule condition editor dialog 410 to edit conditions under which locally-managed UNIX identities are migrated to centrally-managed Active Directory identities. Rules may also specify which properties are migrated with the identities. The locally-managed identity selection control 420 describes properties of the locally-managed identity to be mapped to corresponding properties selected in the centrally-managed identity selection control 430. In the depicted embodiment of the identity mapping dialog 450, the user may employ the identity selection control 460 to specify the mapping between locally-managed identities and centrally-managed identities. When the mappings are complete, the user may activate the identity migration rule execution control 470 to execute the specified rule set.
FIG. 5 is a screenshot diagram of one embodiment of an identity migration scheduling interface 500 in accordance with the present invention. The identity migration scheduling interface 500 includes a run immediately control 510, a one-time execution scheduling control 520, a repeated execution scheduling control 530, and a schedule application control 540. The identity migration scheduling interface 500 facilitates the scheduling of one-time or repeated execution of identity management projects.
In the embodiment of the identity migration scheduling interface 500 depicted in FIG. 5, the run immediately control 510 is a radio button that the user may select to execute the migration project immediately. The one-time execution scheduling control 520 includes controls to specify a date and time at which the migration project is to be executed. The repeated execution scheduling control 530 enables the user to specify a day of the week and time at which the migration project will be executed on a weekly basis. When the user has selected a scheduling option and entered the associated parameters, the scheduling option may be activated using the schedule application control 540. In one embodiment, the identity migration scheduling interface 500 provides interface controls to schedule phases or processes of the migration project according to separate schedules.
FIG. 6 is a screenshot diagram of one embodiment of an identity migration process control interface 600 in accordance with the present invention. The identity migration process control interface 600 includes a migration map verification status control 610, a halt migration condition control 620, a resume migration control 630, a migration map verification control 640, a commit migration map control 650, and a migration rollback control 660. The identity migration process control interface 600 facilitates control of the identity migration process.
The depicted embodiment of the identity migration process control 600 enables the user to monitor and control the progress of a migration project. The migration map verification status control 610 displays the status of identities being migrated. The halt migration condition control 620 enables the user to specify conditions that cause the migration process to be interrupted. The user may then check the progress of the migration project and execute other programs to perform necessary operations not performed by the identity migration program 100. The user may then use the resume migration control 630 to resume execution of the migration project. The depicted embodiment includes a migration map verification control 640, a commit migration map control 650, and a migration rollback control 660 to respectively verify, commit, or roll back operation of the migration project.
FIG. 7 is a screenshot diagram of one embodiment of an identity group migration interface 700 in accordance with the present invention. The identity group migration interface 700 includes a group selection control 710 and a group migration rule execution control 720. The identity group migration interface 700 facilitates migration of locally-managed identity groups to centrally-managed identity groups.
In the depicted embodiment, the user may utilize the group selection control 710 to map locally-managed UNIX groups to centrally-managed Active Directory groups. When the group mappings have been specified, the user may activate the group migration rule execution control 720 to apply the specified rule set.
FIG. 8 is a screenshot diagram of one embodiment of an identity migration rule correction interface 800 in accordance with the present invention. The identity migration rule correction interface 800 includes a rule execution order control 810, a rule list control 820, and a rule execution control 830. The identity migration rule correction interface 800 facilitates correction of identity migration rules.
In the depicted embodiment, the rule list control 820 displays the migration rules included in the migration project, in the order in which they are to be executed. The user may select rules from the list and change the order in which they are to be executed using the rule execution order control 810. When the rules are in the desired order, the user may execute the migration rules by activating the rule execution control 830. By modifying the order in which rules are applied, the migration project can be adjusted to yield fewer identity migration errors.
FIG. 9 is a screenshot diagram of one embodiment of a manual identity mapping interface 900 in accordance with the present invention. The manual identity mapping interface 900 includes an identity selection control 910, and identity list control 920, an identity map completion control 930, and an identity group control 940. The manual identity mapping interface 900 facilitates manually mapping locally-managed identities to centrally-managed identities.
The user may utilize the depicted embodiment of the manual identity mapping interface to manually correct identity migration errors in an identity migration project. The user may search for locally-managed identities using the identity selection control 910. Discovered identities are displayed in the identity list control 920. Group membership may be preserved by selecting options in the identity group control 940. When the identity mapping is complete, the user may add the specified identity mappings by activating the identity map completion control 930.
FIG. 10 is one embodiment of an identity migration method 1000 in accordance with the present invention. The identity migration method 1000 includes a provide project control(s) operation 1010, a provide identity control(s) operation 1020, a provide rule control(s) operation 1030, a provide schedule control(s) operation 1040, and a migrate identities operation 1050. The identity migration method 1000 facilitates the migration of locally-managed identities to centrally-managed identities.
In the depicted embodiment of the identity migration method 1000, the specified controls are displayed to gather the associated parameters for the identity migration project. Although the operation of the identity migration method 1000 are displayed in a sequential order, the user may enter the required information in any order, so long as all the required parameters are entered before the migrate identities operation 1050 is executed by the execution module 180 or the like.
The present invention may be embodied in other specific forms without departing from its spirit or essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.

Claims (20)

What is claimed is:
1. A method for chan in functioning of at least one computer by migrating locally-managed identities to centrally-managed identities, the method comprising:
providing, on computer hardware including at least one computer processor, at least one interface control configured to receive input from at least one input device and to communicate the input to the computer hardware, thereby enabling a user to create a migration project to be carried out by the computer hardware;
receiving, by the interface control from the input device, an identification of locally-managed identities associated with locally-managed account groups;
receiving, by the interface control from the input device, a specification of a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups;
receiving, by the interface control from the input device, a specification of migration rules for the migration project;
receiving, by the interface control from the input device, a specification of a migration schedule for the migration project; and
executing the migration rules with the computer hardware including the at least one computer processor according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
2. The method of claim 1 further comprising receiving, by the interface control from the input device, a modification of at least one migration rule to manually correct an identity migration error.
3. The method of claim 1 further comprising halting a migration process specified by the migration project.
4. The method of claim 1 wherein the one or more centrally-managed account groups include one or more centrally-managed account groups in Active Directory.
5. The method of claim 1 wherein the locally-managed account groups include one or more locally-managed account groups in Unix.
6. A system for identity migration comprising:
computer hardware including at least one computer processor and at least one input device; and
a plurality of modules stored in computer-readable storage comprising computer readable instructions that, when executed by the computer processor, cause the computer hardware to perform operations defined by the computer-executable instructions, the modules configured to:
create a migration project in response to user input received from the input device;
identify locally-managed identities associated with locally-managed account groups;
specify a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups;
specify migration rules for the migration project;
specify a migration schedule for the migration project; and
execute the migration rules according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
7. The system of claim 6 wherein the modules are further configured to allow a user to roll back a migration process specified by the migration project.
8. The system of claim 6 wherein the modules are further configured to allow a user to resume a migration process specified by the migration project.
9. The system of claim 6 wherein the modules are further configured to allow a user to modify at least one migration rule to resolve identity migration errors.
10. The system of claim 6 wherein the modules are further configured to allow a user to retrieve locally-managed identities from at least one server, provide at least one interface control that enables a user to communicate an identity map to at least one server, and communicate the identity map to at least one server in response to user activation of the at least one interface control.
11. A non-transitory computer readable storage medium comprising a program of machine-readable instructions executable by a digital processing apparatus to perform operations to migrate locally-managed identities to centrally-managed identities, the operations comprising:
receiving a user's input from an input device;
at least in part in response to the input received from the input device, creating a migration project, encoded in tangible computer storage, that includes at least (a) an identification of locally-managed identities associated with locally-managed account groups, (b) a specification of a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups, (c) a plurality of migration rules for the migration project, and (d) a migration schedule for the migration project; and
executing the migration rules according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
12. The non-transitory computer readable storage medium of claim 11 wherein the operations further comprise a user-selectable operation of interrupting a migration process specified by the migration project.
13. The non-transitory computer readable storage medium of claim 11 wherein the operations further comprise a user-selectable operation of resuming a migration process specified by the migration project.
14. The non-transitory computer readable storage medium of claim 11 wherein the operations further comprise a user-selectable operation of committing a migration process specified by the migration project.
15. The non-transitory computer readable storage medium of claim 11 wherein the operations further comprise a user-selectable operation of unmapping at least one locally-managed identity from at least one centrally-managed identity.
16. A system for migrating locally-managed identities to centrally-managed identities, the method comprising:
computer hardware comprising at least a computer processor and an input device;
at least one interface control that receives a user's input from the input device and, based at least in part upon the user's input, causes the computer hardware to migrate locally-managed identities associated with locally-managed account groups to one or more centrally-managed account groups; and
a migration rule execution module that causes migration rules, encoded in tangible computer storage, to be executed on the at least one computer processor, thereby causing the computer hardware to automatically migrate, in accordance with a migration schedule encoded in tangible computer storage, the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
17. The system of claim 16 further comprising at least one interface control that enables a user to identify the locally-managed identities associated with the locally-managed account groups.
18. The system of claim 16 further comprising at least one interface control that enables a user to specify the migration rules for the migration project and at least one interface control that enables a user to specify the migration schedule for the migration project.
19. The system of claim 16 wherein the one or more centrally-managed account groups include one or more centrally-managed account groups in Active Directory.
20. The system of claim 16 wherein the locally-managed account groups include one or more locally-managed account groups in Unix.
US13/686,700 2006-10-30 2012-11-27 Identity migration apparatus and method Active US8966045B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13/686,700 US8966045B1 (en) 2006-10-30 2012-11-27 Identity migration apparatus and method

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US86356906P 2006-10-30 2006-10-30
US11/928,887 US8086710B2 (en) 2006-10-30 2007-10-30 Identity migration apparatus and method
US13/324,874 US8346908B1 (en) 2006-10-30 2011-12-13 Identity migration apparatus and method
US13/686,700 US8966045B1 (en) 2006-10-30 2012-11-27 Identity migration apparatus and method

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US13/324,874 Continuation US8346908B1 (en) 2006-10-30 2011-12-13 Identity migration apparatus and method

Publications (1)

Publication Number Publication Date
US8966045B1 true US8966045B1 (en) 2015-02-24

Family

ID=39331692

Family Applications (3)

Application Number Title Priority Date Filing Date
US11/928,887 Active 2028-08-15 US8086710B2 (en) 2006-10-30 2007-10-30 Identity migration apparatus and method
US13/324,874 Active US8346908B1 (en) 2006-10-30 2011-12-13 Identity migration apparatus and method
US13/686,700 Active US8966045B1 (en) 2006-10-30 2012-11-27 Identity migration apparatus and method

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US11/928,887 Active 2028-08-15 US8086710B2 (en) 2006-10-30 2007-10-30 Identity migration apparatus and method
US13/324,874 Active US8346908B1 (en) 2006-10-30 2011-12-13 Identity migration apparatus and method

Country Status (1)

Country Link
US (3) US8086710B2 (en)

Families Citing this family (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8782654B2 (en) 2004-03-13 2014-07-15 Adaptive Computing Enterprises, Inc. Co-allocating a reservation spanning different compute resources types
US7971204B2 (en) 2004-03-13 2011-06-28 Adaptive Computing Enterprises, Inc. System and method of co-allocating a reservation spanning different compute resources types
CA2559584A1 (en) 2004-03-13 2005-09-29 Cluster Resources, Inc. System and method of providing a self-optimizing reservation in space of compute resources
US9778959B2 (en) 2004-03-13 2017-10-03 Iii Holdings 12, Llc System and method of performing a pre-reservation analysis to yield an improved fit of workload with the compute environment
CA2559603A1 (en) 2004-03-13 2005-09-29 Cluster Resources, Inc. System and method for providing advanced reservations in a compute environment
US20070266388A1 (en) 2004-06-18 2007-11-15 Cluster Resources, Inc. System and method for providing advanced reservations in a compute environment
US7617501B2 (en) 2004-07-09 2009-11-10 Quest Software, Inc. Apparatus, system, and method for managing policies on a computer having a foreign operating system
US8176490B1 (en) 2004-08-20 2012-05-08 Adaptive Computing Enterprises, Inc. System and method of interfacing a workload manager and scheduler with an identity manager
CA2586763C (en) 2004-11-08 2013-12-17 Cluster Resources, Inc. System and method of providing system jobs within a compute environment
US8863143B2 (en) 2006-03-16 2014-10-14 Adaptive Computing Enterprises, Inc. System and method for managing a hybrid compute environment
US9075657B2 (en) 2005-04-07 2015-07-07 Adaptive Computing Enterprises, Inc. On-demand access to compute resources
US9231886B2 (en) 2005-03-16 2016-01-05 Adaptive Computing Enterprises, Inc. Simple integration of an on-demand compute environment
US7904949B2 (en) 2005-12-19 2011-03-08 Quest Software, Inc. Apparatus, systems and methods to provide authentication services to a legacy application
US8087075B2 (en) 2006-02-13 2011-12-27 Quest Software, Inc. Disconnected credential validation using pre-fetched service tickets
US8429712B2 (en) 2006-06-08 2013-04-23 Quest Software, Inc. Centralized user authentication system apparatus and method
US8086710B2 (en) 2006-10-30 2011-12-27 Quest Software, Inc. Identity migration apparatus and method
US7895332B2 (en) 2006-10-30 2011-02-22 Quest Software, Inc. Identity migration system apparatus and method
US20080133533A1 (en) * 2006-11-28 2008-06-05 Krishna Ganugapati Migrating Credentials to Unified Identity Management Systems
US8041773B2 (en) 2007-09-24 2011-10-18 The Research Foundation Of State University Of New York Automatic clustering for self-organizing grids
US8370493B2 (en) * 2008-12-12 2013-02-05 Amazon Technologies, Inc. Saving program execution state
US20100269151A1 (en) * 2009-04-20 2010-10-21 Crume Jeffery L Migration across authentication systems
US8255984B1 (en) 2009-07-01 2012-08-28 Quest Software, Inc. Single sign-on system for shared resource environments
US10877695B2 (en) 2009-10-30 2020-12-29 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US11720290B2 (en) 2009-10-30 2023-08-08 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US11475518B2 (en) * 2010-02-09 2022-10-18 Trading Technologies International, Inc. Method and apparatus for computing a value of a traded item
US9430291B2 (en) 2010-12-30 2016-08-30 International Business Machines Corporation Distributed topology enabler for identity manager
EP2675127B1 (en) * 2011-08-29 2015-07-15 Huawei Technologies Co., Ltd. Method and device for automatically migrating system configuration item
US9401904B1 (en) 2012-03-15 2016-07-26 Motio, Inc. Security migration in a business intelligence environment
GB2504716A (en) 2012-08-07 2014-02-12 Ibm A data migration system and method for migrating data objects
US10063382B1 (en) * 2017-09-28 2018-08-28 General Electric Company Apparatus and method for providing multiple security credentials
US11036488B2 (en) * 2019-08-12 2021-06-15 International Business Machines Corporation System and method for optimal hierarchical upgrade time prediction
US11138536B1 (en) * 2020-06-18 2021-10-05 Adp, Llc Intelligent implementation project management

Citations (385)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4109237A (en) 1977-01-17 1978-08-22 Hill Robert B Apparatus and method for identifying individuals through their retinal vasculature patterns
US4370707A (en) 1971-08-03 1983-01-25 Computer Service, Inc. Computer system for generating architectural specifications and project control instructions
US4694397A (en) 1984-12-27 1987-09-15 The Advest Group, Inc. Banking/brokerage computer interface system
US5222018A (en) 1985-07-18 1993-06-22 Pitney Bowes Inc. System for centralized processing of accounting and payment functions
US5267865A (en) 1992-02-11 1993-12-07 John R. Lee Interactive computer aided natural learning method and apparatus
US5302132A (en) 1992-04-01 1994-04-12 Corder Paul R Instructional system and method for improving communication skills
US5310349A (en) 1992-04-30 1994-05-10 Jostens Learning Corporation Instructional management system
US5313465A (en) 1992-05-13 1994-05-17 Digital Equipment Corporation Method of merging networks across a common backbone network
US5333302A (en) 1991-02-28 1994-07-26 Hensley Billy W Filtering event capture data for computer software evaluation
US5339435A (en) 1991-02-28 1994-08-16 Hewlett-Packard Company Heterogenous software configuration management apparatus
US5367698A (en) 1991-10-31 1994-11-22 Epoch Systems, Inc. Network file migration system
US5371852A (en) 1992-10-14 1994-12-06 International Business Machines Corporation Method and apparatus for making a cluster of computers appear as a single host on a network
US5410703A (en) 1992-07-01 1995-04-25 Telefonaktiebolaget L M Ericsson System for changing software during computer operation
US5423032A (en) 1991-10-31 1995-06-06 International Business Machines Corporation Method for extracting multi-word technical terms from text
US5437027A (en) 1990-05-30 1995-07-25 Texas Instruments Incorporated System and method for database management supporting object-oriented programming
US5437555A (en) 1991-05-02 1995-08-01 Discourse Technologies, Inc. Remote teaching system
US5440719A (en) 1992-10-27 1995-08-08 Cadence Design Systems, Inc. Method simulating data traffic on network in accordance with a client/sewer paradigm
US5497492A (en) 1990-09-04 1996-03-05 Microsoft Corporation System and method for loading an operating system through use of a fire system
US5497486A (en) 1994-03-15 1996-03-05 Salvatore J. Stolfo Method of merging large databases in parallel
US5499379A (en) 1988-06-30 1996-03-12 Hitachi, Ltd. Input/output execution apparatus for a plural-OS run system
US5530829A (en) 1992-12-17 1996-06-25 International Business Machines Corporation Track and record mode caching scheme for a storage system employing a scatter index table with pointer and a track directory
US5550976A (en) 1992-12-08 1996-08-27 Sun Hydraulics Corporation Decentralized distributed asynchronous object oriented system and method for electronic data management, storage, and communication
US5550968A (en) 1994-04-12 1996-08-27 International Business Machines Corporation Method and system for providing access security to controls in a graphical user interface
US5553291A (en) 1992-09-16 1996-09-03 Hitachi, Ltd. Virtual machine control method and virtual machine system
US5586304A (en) 1994-09-08 1996-12-17 Compaq Computer Corporation Automatic computer upgrading
US5590360A (en) 1992-10-19 1996-12-31 International Business Machines Corporation Apparatus and method for gathering and entering data requirements from multiple users in the building of process models and data models
US5600833A (en) 1993-09-17 1997-02-04 Digital Equipment Corp. Attribute portion based document retrieval system with system query language interface
US5608874A (en) 1994-12-02 1997-03-04 Autoentry Online, Inc. System and method for automatic data file format translation and transmission having advanced features
US5608903A (en) 1994-12-15 1997-03-04 Novell, Inc. Method and apparatus for moving subtrees in a distributed network directory
US5613090A (en) 1993-10-05 1997-03-18 Compaq Computer Corporation Computer system for disparate windowing environments which translates requests and replies between the disparate environments
US5623601A (en) 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5630131A (en) 1994-11-14 1997-05-13 Object Technology Licensing Corp. Method and apparatus for importing and exporting archive files for a graphical user interface
US5630069A (en) 1993-01-15 1997-05-13 Action Technologies, Inc. Method and apparatus for creating workflow maps of business processes
US5659736A (en) 1993-11-29 1997-08-19 Mitsubishi Denki Kabushiki Kaisha Management information base and method in an OSI management system
US5659735A (en) 1994-12-09 1997-08-19 Object Technology Licensing Corp. Object-oriented system for program version and history database management system for various program components
US5666502A (en) 1995-08-07 1997-09-09 Apple Computer, Inc. Graphical user interface using historical lists with field classes
US5671428A (en) 1991-08-28 1997-09-23 Kabushiki Kaisha Toshiba Collaborative document processing system with version and comment management
US5673386A (en) 1994-06-29 1997-09-30 U S West Technologies, Inc. Method and system for identification of software application faults
US5673387A (en) 1994-05-16 1997-09-30 Lucent Technologies Inc. System and method for selecting test units to be re-run in software regression testing
US5675782A (en) 1995-06-06 1997-10-07 Microsoft Corporation Controlling access to objects on multiple operating systems
US5677997A (en) 1993-02-11 1997-10-14 Talatik; Kirit K. Method and apparatus for automated conformance and enforcement of behavior in application processing systems
US5680586A (en) 1995-04-18 1997-10-21 International Business Machines Corporation Method and system for storing and accessing user-defined attributes within a data processing system
US5684950A (en) 1996-09-23 1997-11-04 Lockheed Martin Corporation Method and system for authenticating users to multiple computer servers via a single sign-on
US5692132A (en) 1995-06-07 1997-11-25 Mastercard International, Inc. System and method for conducting cashless transactions on a computer network
US5692902A (en) 1995-03-24 1997-12-02 Maillefer Instruments S.A. Set of instruments for the boring of radicular dental canals
US5694540A (en) 1994-12-15 1997-12-02 Lucent Technologies Inc. Automated software regression test and compilation system
US5706502A (en) 1996-03-25 1998-01-06 Sun Microsystems, Inc. Internet-enabled portfolio manager system and method
US5708828A (en) 1995-05-25 1998-01-13 Reliant Data Systems System for converting data from input data environment using first format to output data environment using second format by executing the associations between their fields
US5708812A (en) 1996-01-18 1998-01-13 Microsoft Corporation Method and apparatus for Migrating from a source domain network controller to a target domain network controller
US5710884A (en) 1995-03-29 1998-01-20 Intel Corporation System for automatically updating personal profile server with updates to additional user information gathered from monitoring user's electronic consuming habits generated on computer during use
US5711671A (en) 1994-07-08 1998-01-27 The Board Of Regents Of Oklahoma State University Automated cognitive rehabilitation system and method for treating brain injured patients
US5724521A (en) 1994-11-03 1998-03-03 Intel Corporation Method and apparatus for providing electronic advertisements to end users in a consumer best-fit pricing manner
US5727145A (en) 1996-06-26 1998-03-10 Sun Microsystems, Inc. Mechanism for locating objects in a secure fashion
US5727951A (en) 1996-05-28 1998-03-17 Ho; Chi Fai Relationship-based computer-aided-educational system
US5740427A (en) 1994-12-29 1998-04-14 Stoller; Lincoln Modular automated account maintenance system
US5745113A (en) 1996-04-03 1998-04-28 Institute For Research On Learning Representing work practices
US5743746A (en) 1996-04-17 1998-04-28 Ho; Chi Fai Reward enriched learning system and method
US5745902A (en) 1992-07-06 1998-04-28 Microsoft Corporation Method and system for accessing a file using file names having different file name formats
US5752042A (en) 1996-06-07 1998-05-12 International Business Machines Corporation Server computer for selecting program updates for a client computer based on results of recognizer program(s) furnished to the client computer
US5754938A (en) 1994-11-29 1998-05-19 Herz; Frederick S. M. Pseudonymous server for system for customized electronic identification of desirable objects
US5754173A (en) 1996-02-28 1998-05-19 Sun Microsystems, Inc. Method and system for creating user interface independent programs with a user interface provider
US5758074A (en) 1994-11-04 1998-05-26 International Business Machines Corporation System for extending the desktop management interface at one node to a network by using pseudo management interface, pseudo component interface and network server interface
US5758062A (en) 1996-04-30 1998-05-26 Oracle Corporation Method and apparatus for regression testing of application logic
US5764897A (en) 1993-02-25 1998-06-09 Sun Microsystems, Inc. Method and apparatus for managing transactions in an object-oriented distributed system
US5765140A (en) 1995-11-17 1998-06-09 Mci Corporation Dynamic project management system
US5768519A (en) 1996-01-18 1998-06-16 Microsoft Corporation Method and apparatus for merging user accounts from a source security domain into a target security domain
US5774551A (en) 1995-08-07 1998-06-30 Sun Microsystems, Inc. Pluggable account management interface with unified login and logout and multiple user authentication services
US5778169A (en) 1995-08-07 1998-07-07 Synopsys, Inc. Computer system having improved regression testing
US5784553A (en) 1996-01-16 1998-07-21 Parasoft Corporation Method and system for generating a computer program test suite using dynamic symbolic execution of JAVA programs
US5784643A (en) 1996-03-28 1998-07-21 International Business Machines Corporation System incorporating program for intercepting and interpreting or altering commands for generating I/O activity for enabling real-time user feedback by sending substitute characters to modem
US5790801A (en) 1995-05-26 1998-08-04 Sharp Kabushiki Kaisha Data management system
US5796393A (en) 1996-11-08 1998-08-18 Compuserve Incorporated System for intergrating an on-line service community with a foreign service
US5806075A (en) 1993-09-24 1998-09-08 Oracle Corporation Method and apparatus for peer-to-peer data replication
US5812865A (en) 1993-12-03 1998-09-22 Xerox Corporation Specifying and establishing communication data paths between particular media devices in multiple media device computing systems based on context of a user or users
US5812669A (en) 1995-07-19 1998-09-22 Jenkins; Lew Method and system for providing secure EDI over an open network
US5815657A (en) 1996-04-26 1998-09-29 Verifone, Inc. System, method and article of manufacture for network electronic authorization utilizing an authorization instrument
US5819265A (en) 1996-07-12 1998-10-06 International Business Machines Corporation Processing names in a text
US5819295A (en) 1995-10-30 1998-10-06 Matsushita Electric Industrial Co., Ltd. Document storing and managing system
US5819281A (en) 1996-02-26 1998-10-06 Electronic Data Systems Corporation Notification of aspect value change in object-oriented programming
US5822518A (en) 1995-11-29 1998-10-13 Hitachi, Ltd. Method for accessing information
US5835911A (en) 1994-02-08 1998-11-10 Fujitsu Limited Software distribution and maintenance system and method
US5838918A (en) 1993-12-13 1998-11-17 International Business Machines Corporation Distributing system configuration information from a manager machine to subscribed endpoint machines in a distrubuted computing environment
US5844508A (en) 1995-12-01 1998-12-01 Fujitsu Limited Data coding method, data decoding method, data compression apparatus, and data decompression apparatus
US5848396A (en) 1996-04-26 1998-12-08 Freedom Of Information, Inc. Method and apparatus for determining behavioral profile of a computer user
US5859972A (en) 1996-05-10 1999-01-12 The Board Of Trustees Of The University Of Illinois Multiple server repository and multiple server remote application virtual client computer
US5872928A (en) 1995-02-24 1999-02-16 Cabletron Systems, Inc. Method and apparatus for defining and enforcing policies for configuration management in communications networks
US5872973A (en) 1995-10-26 1999-02-16 Viewsoft, Inc. Method for managing dynamic relations between objects in dynamic object-oriented languages
US5878432A (en) 1996-10-29 1999-03-02 International Business Machines Corporation Object oriented framework mechanism for a source code repository
US5889520A (en) 1997-11-13 1999-03-30 International Business Machines Corporation Topological view of a multi-tier network
US5890175A (en) 1996-09-25 1999-03-30 Wong; Garland Dynamic generation and display of catalogs
US5890161A (en) 1997-10-28 1999-03-30 Microsoft Corporation Automatic transaction processing of component-based server applications
US5892898A (en) 1996-10-04 1999-04-06 Honeywell, Inc. Error management system for supporting the identification and logging of error messages
US5893076A (en) 1996-01-16 1999-04-06 Sterling Commerce, Inc. Supplier driven commerce transaction processing system and methodology
US5893074A (en) 1996-01-29 1999-04-06 California Institute Of Technology Network based task management
US5893916A (en) 1996-12-13 1999-04-13 Ncr Corporation Method of converting man pages to help topic files
US5930512A (en) 1996-10-18 1999-07-27 International Business Machines Corporation Method and apparatus for building and running workflow process models using a hypertext markup language
US5937165A (en) 1996-09-10 1999-08-10 Ganymede Software, Inc Systems, methods and computer program products for applications traffic based communications network performance testing
US5948064A (en) 1997-07-07 1999-09-07 International Business Machines Corporation Discovery of authentication server domains in a computer network
US5949419A (en) 1996-05-13 1999-09-07 Domine; Robert M Web browser detection and default home page modification device
US5956736A (en) 1996-09-27 1999-09-21 Apple Computer, Inc. Object-oriented editor for creating world wide web documents
US5956732A (en) 1994-02-28 1999-09-21 Nec Corporation Software system management device for maintaining revisions of a source code
US5960200A (en) 1996-05-03 1999-09-28 I-Cube System to transition an enterprise to a distributed infrastructure
US5968176A (en) 1997-05-29 1999-10-19 3Com Corporation Multilayer firewall system
US5987247A (en) 1997-05-09 1999-11-16 International Business Machines Corporation Systems, methods and computer program products for building frameworks in an object oriented environment
US5995114A (en) 1997-09-10 1999-11-30 International Business Machines Corporation Applying numerical approximation to general graph drawing
US6002868A (en) 1996-12-31 1999-12-14 Compaq Computer Corporation Test definition tool
US6003047A (en) 1996-12-30 1999-12-14 Emc Corporation Non-hierarchical application interface for HTML-based network storage management programs
US6014712A (en) 1996-05-21 2000-01-11 Hewlett-Packard Company Network system
US6014669A (en) 1997-10-01 2000-01-11 Sun Microsystems, Inc. Highly-available distributed cluster configuration database
US6016495A (en) 1997-09-19 2000-01-18 International Business Machines Corporation Object-oriented framework mechanism for providing persistent storage
US6016501A (en) 1998-03-18 2000-01-18 Bmc Software Enterprise data movement system and method which performs data load and changed data propagation operations
US6021496A (en) 1997-07-07 2000-02-01 International Business Machines Corporation User authentication from non-native server domains in a computer network
US6029247A (en) 1996-12-09 2000-02-22 Novell, Inc. Method and apparatus for transmitting secured data
US6029178A (en) 1998-03-18 2000-02-22 Bmc Software Enterprise data movement system and method which maintains and compares edition levels for consistency of replicated data
US6029195A (en) 1994-11-29 2000-02-22 Herz; Frederick S. M. System for customized electronic identification of desirable objects
US6035323A (en) 1997-10-24 2000-03-07 Pictra, Inc. Methods and apparatuses for distributing a collection of digital media over a network with automatic generation of presentable media
US6041344A (en) 1997-06-23 2000-03-21 Oracle Corporation Apparatus and method for passing statements to foreign databases by using a virtual package
US6044465A (en) 1997-07-07 2000-03-28 International Business Machines Corporation User profile storage on and retrieval from a non-native server domain for use in a client running a native operating system
US6044368A (en) 1998-04-30 2000-03-28 Genesys Telecommunications Laboratories, Inc. Method and apparatus for multiple agent commitment tracking and notification
US6049822A (en) 1997-10-31 2000-04-11 Selectica, Inc. Method for generating and updating knowledge-based configurators that are multi platform and multi language capable
US6052512A (en) 1997-12-22 2000-04-18 Scientific Learning Corp. Migration mechanism for user data from one client computer system to another
US6055538A (en) 1997-12-22 2000-04-25 Hewlett Packard Company Methods and system for using web browser to search large collections of documents
US6058379A (en) 1997-07-11 2000-05-02 Auction Source, L.L.C. Real-time network exchange with seller specified exchange parameters and interactive seller participation
US6058260A (en) 1995-06-12 2000-05-02 The United States Of America As Represented By The Secretary Of The Army Methods and apparatus for planning and managing a communications network
US6061650A (en) 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6061643A (en) 1998-07-07 2000-05-09 Tenfold Corporation Method for defining durable data for regression testing
US6067568A (en) 1996-12-10 2000-05-23 International Business Machines Corporation Automatic setup of services for computer system users
US6070184A (en) 1997-08-28 2000-05-30 International Business Machines Corporation Server-side asynchronous form management
US6076166A (en) 1997-01-17 2000-06-13 Philips Electronics North America Corporation Personalizing hospital intranet web sites
US6079020A (en) 1998-01-27 2000-06-20 Vpnet Technologies, Inc. Method and apparatus for managing a virtual private network
US6092199A (en) 1997-07-07 2000-07-18 International Business Machines Corporation Dynamic creation of a user account in a client following authentication from a non-native server domain
US6101503A (en) 1998-03-02 2000-08-08 International Business Machines Corp. Active markup--a system and method for navigating through text collections
US6101481A (en) 1996-01-25 2000-08-08 Taskey Pty Ltd. Task management system
US6108649A (en) 1998-03-03 2000-08-22 Novell, Inc. Method and system for supplanting a first name base with a second name base
US6108670A (en) 1997-11-24 2000-08-22 International Business Machines Corporation Checking and enabling database updates with a dynamic, multi-modal, rule based system
US6112240A (en) 1997-09-03 2000-08-29 International Business Machines Corporation Web site client information tracker
US6112228A (en) 1998-02-13 2000-08-29 Novell, Inc. Client inherited functionally derived from a proxy topology where each proxy is independently configured
US6115040A (en) 1997-09-26 2000-09-05 Mci Communications Corporation Graphical user interface for Web enabled applications
US6115544A (en) 1992-09-03 2000-09-05 International Business Machines Corporation Method and system for displaying error messages
US6134548A (en) 1998-11-19 2000-10-17 Ac Properties B.V. System, method and article of manufacture for advanced mobile bargain shopping
US6137869A (en) 1997-09-16 2000-10-24 Bell Atlantic Network Services, Inc. Network session management
US6138086A (en) 1996-12-24 2000-10-24 International Business Machines Corporation Encoding of language, country and character formats for multiple language display and transmission
US6141647A (en) 1995-10-20 2000-10-31 The Dow Chemical Company System and method for integrating a business environment, a process control environment, and a laboratory environment
US6141006A (en) 1999-02-11 2000-10-31 Quickbuy, Inc. Methods for executing commercial transactions in a network system using visual link objects
US6141010A (en) 1998-07-17 2000-10-31 B. E. Technology, Llc Computer interface method and apparatus with targeted advertising
US6151600A (en) 1994-11-03 2000-11-21 Intel Corporation Electronic information appraisal agent
US6151610A (en) 1993-12-27 2000-11-21 Digital Equipment Corporation Document display system using a scripting language having container variables setting document attributes
US6161176A (en) 1998-11-20 2000-12-12 Microsoft Corporation System and method for storing configuration settings for transfer from a first system to a second system
US6167564A (en) 1998-09-17 2000-12-26 Unisys Corp. Software system development framework
US6167445A (en) 1998-10-26 2000-12-26 Cisco Technology, Inc. Method and apparatus for defining and implementing high-level quality of service policies in computer networks
US6170009B1 (en) 1998-07-17 2001-01-02 Kallol Mandal Controlling devices on a network through policies
US6182212B1 (en) 1998-12-14 2001-01-30 International Business Machine Corporation Method and system for automated migration of user settings to a replacement computer system
US6182226B1 (en) 1998-03-18 2001-01-30 Secure Computing Corporation System and method for controlling interactions between networks
US6185625B1 (en) 1996-12-20 2001-02-06 Intel Corporation Scaling proxy server sending to the client a graphical user interface for establishing object encoding preferences after receiving the client's request for the object
US6195794B1 (en) 1997-08-12 2001-02-27 International Business Machines Corporation Method and apparatus for distributing templates in a component system
US6199068B1 (en) 1997-09-11 2001-03-06 Abb Power T&D Company Inc. Mapping interface for a distributed server to translate between dissimilar file formats
US6199079B1 (en) 1998-03-09 2001-03-06 Junglee Corporation Method and system for automatically filling forms in an integrated network based transaction environment
US6202051B1 (en) 1995-04-26 2001-03-13 Merc Exchange Llc Facilitating internet commerce through internetworked auctions
US6205480B1 (en) 1998-08-19 2001-03-20 Computer Associates Think, Inc. System and method for web server user authentication
US6208345B1 (en) 1998-04-15 2001-03-27 Adc Telecommunications, Inc. Visual data integration system and method
US6209000B1 (en) 1997-10-31 2001-03-27 Oracle Corporation Tracking storage for data items
US6209033B1 (en) 1995-02-01 2001-03-27 Cabletron Systems, Inc. Apparatus and method for network capacity evaluation and planning
US6222535B1 (en) 1997-10-23 2001-04-24 Alcatel Usa Sourcing, L.P. System and method for facilitating issue tracking
US6223221B1 (en) 1998-02-05 2001-04-24 International Business Machines Corporation System and method for calculating the transfer rate across a communication medium using a downloaded test program and transferring data accordingly
US6226649B1 (en) 1997-06-23 2001-05-01 Oracle Corporation Apparatus and method for transparent access of foreign databases in a heterogeneous database system
US6230184B1 (en) 1998-10-19 2001-05-08 Sun Microsystems, Inc. Method and apparatus for automatically optimizing execution of a computer program
US6230309B1 (en) 1997-04-25 2001-05-08 Sterling Software, Inc Method and system for assembling and utilizing components in component object systems
US6230160B1 (en) 1997-07-17 2001-05-08 International Business Machines Corporation Creating proxies for distributed beans and event objects
US6233584B1 (en) 1997-09-09 2001-05-15 International Business Machines Corporation Technique for providing a universal query for multiple different databases
US6237114B1 (en) 1998-05-13 2001-05-22 Sun Microsystems, Inc. System and method for evaluating monitored computer systems
US6246410B1 (en) 1996-01-19 2001-06-12 International Business Machines Corp. Method and system for database access
US6249905B1 (en) 1998-01-16 2001-06-19 Kabushiki Kaisha Toshiba Computerized accounting system implemented in an object-oriented programming environment
US6256678B1 (en) 1994-11-17 2001-07-03 Sterling Software, Inc. Object oriented method and system for providing a common communications interface between software application programs
US6256659B1 (en) 1997-12-09 2001-07-03 Mci Communications Corporation System and method for performing hybrid preemptive and cooperative multi-tasking in a computer system
US6256637B1 (en) 1998-05-05 2001-07-03 Gemstone Systems, Inc. Transactional virtual machine architecture
US6260068B1 (en) 1998-06-10 2001-07-10 Compaq Computer Corporation Method and apparatus for migrating resources in a multi-processor computer system
US6263352B1 (en) 1997-11-14 2001-07-17 Microsoft Corporation Automated web site creation using template driven generation of active server page applications
US6266666B1 (en) 1997-09-08 2001-07-24 Sybase, Inc. Component transaction server for developing and deploying transaction- intensive business applications
US6269406B1 (en) 1998-10-19 2001-07-31 International Business Machines Corporation User group synchronization to manage capabilities in heterogeneous networks
US6269405B1 (en) 1998-10-19 2001-07-31 International Business Machines Corporation User account establishment and synchronization in heterogeneous networks
US6272678B1 (en) 1997-11-05 2001-08-07 Hitachi, Ltd Version and configuration management method and apparatus and computer readable recording medium for recording therein version and configuration management program
US6272673B1 (en) 1997-11-25 2001-08-07 Alphablox Corporation Mechanism for automatically establishing connections between executable components of a hypertext-based application
US6279030B1 (en) 1998-11-12 2001-08-21 International Business Machines Corporation Dynamic JAVA™ class selection and download based on changeable attributes
US6282605B1 (en) 1999-04-26 2001-08-28 Moore Computer Consultants, Inc. File system for non-volatile computer memory
US6282576B1 (en) 1998-09-21 2001-08-28 Unisys Corporation Method of transferring heterogeneous data with meaningful interrelationships between incompatible computers
US6286028B1 (en) 1998-12-01 2001-09-04 International Business Machines Corporation Method and apparatus for conducting electronic commerce
US6286104B1 (en) 1999-08-04 2001-09-04 Oracle Corporation Authentication and authorization in a multi-tier relational database management system
US6301601B1 (en) 1997-10-28 2001-10-09 Microsoft Corporation Disabling and enabling transaction committal in transactional application components
US6304893B1 (en) 1996-07-01 2001-10-16 Sun Microsystems, Inc. Object-oriented system, method and article of manufacture for a client-server event driven message framework in an interprise computing framework system
US6308188B1 (en) 1997-06-19 2001-10-23 International Business Machines Corporation System and method for building a web site with automated workflow
US6308164B1 (en) 1997-04-28 2001-10-23 Jeff Nummelin Distributed project management system and method
US6308273B1 (en) 1998-06-12 2001-10-23 Microsoft Corporation Method and system of security location discrimination
US20010034733A1 (en) 2000-03-03 2001-10-25 Michel Prompt System and method for providing access to databases via directories and other hierarchical structures and interfaces
US6313835B1 (en) 1999-04-09 2001-11-06 Zapa Digital Arts Ltd. Simplified on-line preparation of dynamic web sites
US6314434B1 (en) 1998-04-15 2001-11-06 Fujitsu Limited Structured data management system and computer-readable method for storing structured data management program
US6327677B1 (en) 1998-04-27 2001-12-04 Proactive Networks Method and apparatus for monitoring a network environment
US6330566B1 (en) 1998-06-22 2001-12-11 Microsoft Corporation Apparatus and method for optimizing client-state data storage
US6336118B1 (en) 1998-12-03 2002-01-01 International Business Machines Corporation Framework within a data processing system for manipulating program objects
US6341287B1 (en) 1998-12-18 2002-01-22 Alternative Systems, Inc. Integrated change management unit
US6345239B1 (en) 1999-08-31 2002-02-05 Accenture Llp Remote demonstration of business capabilities in an e-commerce environment
US6349287B1 (en) 1997-08-01 2002-02-19 Fuji Xerox Co., Ltd. Work-flow support system
US6363398B1 (en) 1997-11-25 2002-03-26 Micron Electronics, Inc. Database access using active server pages
US6370646B1 (en) 2000-02-16 2002-04-09 Miramar Systems Method and apparatus for multiplatform migration
US6370573B1 (en) 1999-08-31 2002-04-09 Accenture Llp System, method and article of manufacture for managing an environment of a development architecture framework
US6381579B1 (en) 1998-12-23 2002-04-30 International Business Machines Corporation System and method to provide secure navigation to resources on the internet
US20020055949A1 (en) 2000-12-06 2002-05-09 Masashi Shiomi Information processing apparatus, communication apparatus, information processing terminal, information supplying apparatus, information supplying method, information supplying system and computer readable recording medium, providing desired information together with related advertisement information
US6389589B1 (en) 1998-09-21 2002-05-14 Microsoft Corporation Class store schema
US6401085B1 (en) 1999-03-05 2002-06-04 Accenture Llp Mobile communication and computing system and method
US6401211B1 (en) 1999-10-19 2002-06-04 Microsoft Corporation System and method of user logon in combination with user authentication for network access
US6405364B1 (en) 1999-08-31 2002-06-11 Accenture Llp Building techniques in a development architecture framework
US20020078005A1 (en) 2000-12-19 2002-06-20 International Business Machines Corporation Apparatus for indirect directory searches and method therefor
US6430556B1 (en) 1999-11-01 2002-08-06 Sun Microsystems, Inc. System and method for providing a query object development environment
US20020112178A1 (en) 2001-02-15 2002-08-15 Scherr Allan L. Methods and apparatus for providing security for a data storage system
US6438514B1 (en) 1998-12-29 2002-08-20 Stmicroelectronics Limited Generation of a system model
US6442620B1 (en) 1998-08-17 2002-08-27 Microsoft Corporation Environment extensibility and automatic services for component applications using contexts, policies and activators
US6446096B1 (en) 1998-09-11 2002-09-03 International Business Machines Corporation Method and system for providing device-specific key control using role-based HTML element tags
US20020129274A1 (en) 2001-03-08 2002-09-12 International Business Machines Corporation Inter-partition message passing method, system and program product for a security server in a partitioned processing environment
US6453317B1 (en) 1998-09-29 2002-09-17 Worldcom, Inc. Customer information storage and delivery system
US20020133723A1 (en) 2001-03-16 2002-09-19 John King Frederick Tait Method and system to provide and manage secure access to internal computer systems from an external client
US6457130B2 (en) 1998-03-03 2002-09-24 Network Appliance, Inc. File access control in a multi-protocol file server
US20020138572A1 (en) 2000-12-22 2002-09-26 Delany Shawn P. Determining a user's groups
US6466932B1 (en) 1998-08-14 2002-10-15 Microsoft Corporation System and method for implementing group policy
US6469713B2 (en) 1998-12-15 2002-10-22 International Business Machines Corporation Method, system and computer program product for dynamic language switching via messaging
US6473794B1 (en) 1999-05-27 2002-10-29 Accenture Llp System for establishing plan to test components of web based framework by displaying pictorial representation and conveying indicia coded components of existing network framework
US20020169988A1 (en) 2000-12-22 2002-11-14 Vandergeest Ron J. Method and apparatus for providing user authentication using a back channel
US20020169986A1 (en) 2001-05-11 2002-11-14 Lortz Victor B. Resource authorization
US20020174366A1 (en) 2000-10-26 2002-11-21 General Instrument, Inc. Enforcement of content rights and conditions for multimedia content
US20020178377A1 (en) 2001-03-21 2002-11-28 International Business Machines Corporation Method and system for server support for pluggable authorization systems
US20020184536A1 (en) 2001-06-01 2002-12-05 Flavin James D. Method and apparatus for brokering and provisioning of windows
US6496847B1 (en) 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US20030009487A1 (en) 2001-01-26 2003-01-09 Senthil Prabakaran Policy implementation
US20030018913A1 (en) 2001-06-20 2003-01-23 Brezak John E. Methods and systems for controlling the scope of delegation of authentication credentials
US20030028611A1 (en) 2001-07-23 2003-02-06 Kenny John G. Multi-task, multi-location networking system
US20030033535A1 (en) 2000-01-27 2003-02-13 Gwyn Fisher Method and system for implementing a common user logon to multiple applications
US20030065942A1 (en) 2001-09-28 2003-04-03 Lineman David J. Method and apparatus for actively managing security policies for users and computers in a network
US20030065940A1 (en) 2001-01-08 2003-04-03 Brezak John E. Credential management
US6567818B1 (en) 1999-06-14 2003-05-20 International Business Machines Corporation Employing management policies to manage instances of objects
US20030110397A1 (en) 2001-12-12 2003-06-12 Pervasive Security Systems, Inc. Guaranteed delivery of changes to security policies in a distributed system
US20030115313A1 (en) 2001-12-07 2003-06-19 Yasusi Kanada Network, server, and storage policy server
US20030115439A1 (en) * 2001-12-19 2003-06-19 Hewlett Packard Company Updating references to a migrated object in a partition-based distributed file system
US20030115186A1 (en) 2001-12-14 2003-06-19 Wilkinson Francis M. System for controlling access to and generation of localized application values
US6587876B1 (en) 1999-08-24 2003-07-01 Hewlett-Packard Development Company Grouping targets of management policies
US20030149781A1 (en) 2001-12-04 2003-08-07 Peter Yared Distributed network identity
US20030177388A1 (en) 2002-03-15 2003-09-18 International Business Machines Corporation Authenticated identity translation within a multiple computing unit environment
US6625622B1 (en) 1999-05-14 2003-09-23 Eisenworld, Inc. Apparatus and method for transfering information between platforms
US20030188036A1 (en) 2002-03-22 2003-10-02 Sun Microsystems, Inc. Methods and systems for program migration
US6658625B1 (en) 1999-04-14 2003-12-02 International Business Machines Corporation Apparatus and method for generic data conversion
US20030229783A1 (en) 2002-06-06 2003-12-11 Hardt Dick C. Distributed hierarchical identity management
US6678714B1 (en) 1998-11-16 2004-01-13 Taskserver.Com, Inc. Computer-implemented task management system
US20040010519A1 (en) 2002-07-11 2004-01-15 Sinn Richard P. Rule based data management
US20040059953A1 (en) 2002-09-24 2004-03-25 Arinc Methods and systems for identity management
US6715128B1 (en) 1998-11-27 2004-03-30 Hitachi, Ltd. Method for converting directory data, and program and device therefor
US20040078569A1 (en) 2002-10-21 2004-04-22 Timo Hotti Method and system for managing security material and sevices in a distributed database system
US6728877B2 (en) 1999-04-28 2004-04-27 Tranxition Corporation Method and system for automatically transitioning of configuration settings among computer systems
US20040088543A1 (en) 2002-10-31 2004-05-06 Praerit Garg Selective cross-realm authentication
US6735691B1 (en) 2000-01-27 2004-05-11 Microsoft Corporation System and method for the automated migration of configuration information
US20040098615A1 (en) 2002-11-16 2004-05-20 Mowers David R. Mapping from a single sign-in service to a directory service
US20040098595A1 (en) 2002-11-14 2004-05-20 International Business Machines Corporation Integrating legacy application/data access with single sign-on in a distributed computing environment
US20040111515A1 (en) 2002-12-04 2004-06-10 Microsoft Corporation Peer-to-peer identity management interfaces and methods
US20040111643A1 (en) 2002-12-02 2004-06-10 Farmer Daniel G. System and method for providing an enterprise-based computer security policy
US20040117382A1 (en) 2002-12-17 2004-06-17 International Business Machines Corporation Method and apparatus for customizing the output of a user command
US20040123146A1 (en) 2002-12-19 2004-06-24 International Business Machines Corporation Security objects with language translation and speech to text conversion
US6757696B2 (en) 2000-01-25 2004-06-29 Fusionone, Inc. Management server for synchronization system
US20040128542A1 (en) 2002-12-31 2004-07-01 International Business Machines Corporation Method and system for native authentication protocols in a heterogeneous federated environment
US6760761B1 (en) 2000-03-27 2004-07-06 Genuity Inc. Systems and methods for standardizing network devices
US20040139050A1 (en) 2002-12-31 2004-07-15 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security in a computer system
US6795835B2 (en) 2000-05-19 2004-09-21 Centerbeam, Inc. Migration of computer personalization information
US6801946B1 (en) 2000-06-15 2004-10-05 International Business Machines Corporation Open architecture global sign-on apparatus and method therefor
US20040199795A1 (en) 2003-04-03 2004-10-07 Grewal Sukhminder S. Methods and systems for accessing a network-based computer system
US6817017B2 (en) 2000-04-24 2004-11-09 Leotel, Technologies, Inc. Universal interface system
US20040226027A1 (en) 2003-05-06 2004-11-11 Winter Tony Jon Application interface wrapper
US20040260651A1 (en) 2003-06-17 2004-12-23 International Business Machines Corporation Multiple identity management in an electronic commerce site
US20040260565A1 (en) * 2003-06-05 2004-12-23 Zimniewicz Jeff A. Systems and methods to migrate a user profile when joining a client to a server and/or domain
US6839766B1 (en) 2000-01-14 2005-01-04 Cisco Technology, Inc. Method and apparatus for communicating cops protocol policies to non-cops-enabled network devices
US20050010547A1 (en) 2003-07-10 2005-01-13 Nortel Networks Limited Method and apparatus for managing identity information on a network
US20050044409A1 (en) 2003-08-19 2005-02-24 International Business Machines Corporation Implementation and use of a PII data access control facility employing personally identifying information labels and purpose serving functions sets
US20050055357A1 (en) 2003-04-24 2005-03-10 Scott Campbell Method, system and article of manufacture for data preservation and automated electronic software distribution across an enterprise system
US20050060397A1 (en) 2002-04-19 2005-03-17 Computer Associates Think, Inc. Method and system for managing a computer system
US6880005B1 (en) 2000-03-31 2005-04-12 Intel Corporation Managing policy rules in a network
US20050086457A1 (en) * 2003-10-21 2005-04-21 Hohman Jennifer L. System and method for providing user controlled migration of a client computer
US20050091068A1 (en) 2003-10-23 2005-04-28 Sundaresan Ramamoorthy Smart translation of generic configurations
US20050091250A1 (en) 2003-10-23 2005-04-28 Microsoft Corporation Composite user interface and framework
US20050091213A1 (en) 2003-10-24 2005-04-28 Schutz Klaus U. Interoperable credential gathering and access modularity
US20050091290A1 (en) 2003-10-23 2005-04-28 Kim Cameron Method and system for synchronizing identity information
US20050091284A1 (en) 2003-10-23 2005-04-28 Microsoft Corporation Composite view
US20050108579A1 (en) 2002-02-01 2005-05-19 Novell, Inc. Isolating multiple authentication channels, each using multiple authentication models
US20050114701A1 (en) 2003-11-21 2005-05-26 International Business Machines Corporation Federated identity management within a distributed portal server
US20050125798A1 (en) 2001-04-24 2005-06-09 Peterson Diane L. Method and apparatus for load balancing a distributed processing system
US20050144463A1 (en) 2002-03-18 2005-06-30 Telenor Asa Single sign-on secure service access
US6925477B1 (en) 1998-03-31 2005-08-02 Intellisync Corporation Transferring records between two databases
US6938158B2 (en) 2000-07-14 2005-08-30 Nec Corporation Single sign-on system and single sign-on method for a web site and recording medium
US20050193181A1 (en) 2004-02-26 2005-09-01 Yasunori Kaneda Data migration method and a data migration apparatus
US6941465B1 (en) 1999-07-26 2005-09-06 Microsoft Corporation Method of enforcing a policy on a computer network
US20050198303A1 (en) 2004-01-02 2005-09-08 Robert Knauerhase Dynamic virtual machine service provider allocation
US6944183B1 (en) 1999-06-10 2005-09-13 Alcatel Object model for network policy management
US20050204143A1 (en) 2004-01-29 2005-09-15 Newisys, Inc. Method and system for enabling remote access to a computer system
US6950935B1 (en) 2000-04-21 2005-09-27 Sun Microsystems, Inc. Pluggable authentication modules for telecommunications management network
US20050223216A1 (en) 2004-04-02 2005-10-06 Microsoft Corporation Method and system for recovering password protected private data via a communication network without exposing the private data
US20050246554A1 (en) 2004-04-30 2005-11-03 Apple Computer, Inc. System and method for creating tamper-resistant code
US6968370B2 (en) 2001-01-17 2005-11-22 Tuan-Hui Wu Method of transferring resources between different operation systems
US20050268309A1 (en) 2001-06-28 2005-12-01 Microsoft Corporation Transparent and sub-classable proxies
US20050267938A1 (en) * 2004-05-14 2005-12-01 Mirapoint, Inc. Method for mailbox migration
US6973488B1 (en) 2000-03-31 2005-12-06 Intel Corporation Providing policy information to a remote device
US6976090B2 (en) 2000-04-20 2005-12-13 Actona Technologies Ltd. Differentiated content and application delivery via internet
US20050283443A1 (en) 2004-06-16 2005-12-22 Hardt Dick C Auditable privacy policies in a distributed hierarchical identity management system
US20050283614A1 (en) 2004-06-16 2005-12-22 Hardt Dick C Distributed hierarchical identity management system authentication mechanisms
US20060004794A1 (en) 2004-06-30 2006-01-05 Microsoft Corporation Rich application view system and method
US20060010445A1 (en) 2004-07-09 2006-01-12 Peterson Matthew T Apparatus, system, and method for managing policies on a computer having a foreign operating system
US20060015353A1 (en) 2004-05-19 2006-01-19 Grand Central Communications, Inc. A Delaware Corp Techniques for providing connections to services in a network environment
US20060021017A1 (en) 2004-07-21 2006-01-26 International Business Machines Corporation Method and system for establishing federation relationships through imported configuration files
US20060026195A1 (en) 2004-07-26 2006-02-02 International Business Machines Corporation Migrating personality of computing environment from source platform to target platform
US20060034494A1 (en) 2004-08-11 2006-02-16 National Background Data, Llc Personal identity data management
US7028079B2 (en) * 2001-05-25 2006-04-11 Lenovo (Singapore) Pte, Ltd. Method and apparatus for the automatic migration of applications and their associated data and configuration files
US20060085483A1 (en) 2004-10-14 2006-04-20 Microsoft Corporation System and method of merging contacts
US20060116949A1 (en) * 2004-06-18 2006-06-01 Washington Mutual, Inc. System for automatically transferring account information, such as information regarding a financial services account
US7062781B2 (en) 1997-02-12 2006-06-13 Verizon Laboratories Inc. Method for providing simultaneous parallel secure command execution on multiple remote hosts
US20060130065A1 (en) 2004-12-09 2006-06-15 Arthur Chin Centralized identity management system and method for delegating resource management in a technology outsourcing environment
US7080077B2 (en) 2000-07-10 2006-07-18 Oracle International Corporation Localized access
US20060161435A1 (en) 2004-12-07 2006-07-20 Farsheed Atef System and method for identity verification and management
US20060174350A1 (en) 2005-02-03 2006-08-03 Navio Systems, Inc. Methods and apparatus for optimizing identity management
US7089584B1 (en) 2000-05-24 2006-08-08 Sun Microsystems, Inc. Security architecture for integration of enterprise information system with J2EE platform
US20060184401A1 (en) * 2005-02-15 2006-08-17 International Business Machines Corporation System and method for resource and cost planning of an IT migration
US7100195B1 (en) 1999-07-30 2006-08-29 Accenture Llp Managing user information on an e-commerce system
US20060200424A1 (en) 2005-03-04 2006-09-07 Microsoft Corporation Method and system for integrating multiple identities, identity mechanisms and identity providers in a single user paradigm
US20060200504A1 (en) 2005-03-02 2006-09-07 International Business Machines Corporation Method and apparatus for role mapping methodology for user registry migration
US7117486B2 (en) 2002-10-04 2006-10-03 Sun Microsystems, Inc. System and method for migration of software
US20060224611A1 (en) 2005-03-29 2006-10-05 Microsoft Corporation Identity management user experience
US7133984B1 (en) 2003-04-11 2006-11-07 Sprint Communications Company L.P. Method and system for migrating data
US7139973B1 (en) 2000-11-20 2006-11-21 Cisco Technology, Inc. Dynamic information object cache approach useful in a vocabulary retrieval system
US20060265740A1 (en) 2005-03-20 2006-11-23 Clark John F Method and system for providing user access to a secure application
US20060282461A1 (en) 2005-06-10 2006-12-14 Microsoft Corporation Object virtualization
US20060282360A1 (en) * 2005-06-08 2006-12-14 Kahn Markus H Systems and methods for providing migration and performance matrices
US20060294151A1 (en) 2005-06-27 2006-12-28 Stanley Wong Method and apparatus for data integration and management
US7162640B2 (en) 2003-03-11 2007-01-09 Microsoft Corporation System and method for protecting identity information
US20070011136A1 (en) 2005-07-05 2007-01-11 International Business Machines Corporation Employing an identifier for an account of one domain in another domain to facilitate access of data on shared storage media
US7171458B2 (en) 2001-06-12 2007-01-30 International Business Machines Corporation Apparatus and method for managing configuration of computer systems on a computer network
US20070038596A1 (en) 2005-08-15 2007-02-15 Microsoft Corporation Restricting access to data based on data source rewriting
US20070083917A1 (en) 2005-10-07 2007-04-12 Peterson Matthew T Apparatus system and method for real-time migration of data related to authentication
US7209970B1 (en) 2000-09-19 2007-04-24 Sprint Spectrum L.P. Authentication, application-authorization, and user profiling using dynamic directory services
US7213266B1 (en) 2000-06-09 2007-05-01 Intertrust Technologies Corp. Systems and methods for managing and protecting electronic content and applications
US20070100980A1 (en) * 2005-11-01 2007-05-03 Hitachi, Ltd. Computer system and method for managing log information
US20070101415A1 (en) 2005-11-02 2007-05-03 Takanori Masui Image processing apparatus, user authentication method and storage medium storing program for user authentication
US7216181B1 (en) 2001-07-31 2007-05-08 Sprint Communications Company L.P. Middleware brokering system
US7231460B2 (en) 2001-06-04 2007-06-12 Gateway Inc. System and method for leveraging networked computers to view windows based files on Linux platforms
US7234157B2 (en) 2002-06-27 2007-06-19 Lenovo Singapore Pte Ltd Remote authentication caching on a trusted client or gateway system
US20070143836A1 (en) 2005-12-19 2007-06-21 Quest Software, Inc. Apparatus system and method to provide authentication services to legacy applications
US20070143430A1 (en) 2005-08-03 2007-06-21 Brett Dennis Johnson Methods of routing messages using a listener registry
US20070150448A1 (en) 2005-12-27 2007-06-28 Centrify Corporation Method and apparatus for optimizing large data set retrieval
US20070156766A1 (en) 2006-01-03 2007-07-05 Khanh Hoang Relationship data management
US20070156767A1 (en) 2006-01-03 2007-07-05 Khanh Hoang Relationship data management
US7243370B2 (en) 2001-06-14 2007-07-10 Microsoft Corporation Method and system for integrating security mechanisms into session initiation protocol request messages for client-proxy authentication
US20070180493A1 (en) 2006-01-24 2007-08-02 Citrix Systems, Inc. Methods and systems for assigning access control levels in providing access to resources via virtual machines
US20070192843A1 (en) 2006-02-13 2007-08-16 Quest Software, Inc. Disconnected credential validation using pre-fetched service tickets
US7284043B2 (en) 2004-09-23 2007-10-16 Centeris Corporation System and method for automated migration from Linux to Windows
US20070255814A1 (en) 2006-04-27 2007-11-01 Securetek Group Inc. System for server consolidation and mobilization
US7299504B1 (en) 2002-03-08 2007-11-20 Lucent Technologies Inc. System and method for implementing security management using a database-modeled security policy
US20070288992A1 (en) 2006-06-08 2007-12-13 Kyle Lane Robinson Centralized user authentication system apparatus and method
US7356601B1 (en) 2002-12-18 2008-04-08 Cisco Technology, Inc. Method and apparatus for authorizing network device operations that are requested by applications
US7356816B2 (en) 2001-02-13 2008-04-08 Computer Associates Think, Inc. Method and apparatus for multiplatform migration
US20080104250A1 (en) 2006-10-30 2008-05-01 Nikolay Vanyukhin Identity migration system apparatus and method
US20080104220A1 (en) 2006-10-30 2008-05-01 Nikolay Vanyukhin Identity migration apparatus and method
US7379996B2 (en) 2003-04-07 2008-05-27 Microsoft Corporation System and method for web server migration
US20080133533A1 (en) * 2006-11-28 2008-06-05 Krishna Ganugapati Migrating Credentials to Unified Identity Management Systems
US20080162604A1 (en) * 2005-03-01 2008-07-03 Serge Soulet System and Method For Migrating a Platform, User Data, and Applications From at Least One Server to at Least One Computer
US7418597B2 (en) 2003-08-15 2008-08-26 Venati, Inc. Apparatus for accepting certificate requests and submission to multiple certificate authorities
US7421555B2 (en) 2003-08-22 2008-09-02 Bluearc Uk Limited System, device, and method for managing file security attributes in a computer file storage system
US7428583B1 (en) 2000-10-31 2008-09-23 Intel Corporation Network policy distribution
US7440962B1 (en) 2001-02-28 2008-10-21 Oracle International Corporation Method and system for management of access information
US7444401B1 (en) 2002-11-18 2008-10-28 Arkion Systems Llc Method and apparatus for inexpensively monitoring and controlling remotely distributed appliances
US7467141B1 (en) 2000-08-04 2008-12-16 Grdn. Net Solutions, Llc Branding and revenue sharing models for facilitating storage, management and distribution of consumer information
US20090006537A1 (en) 2007-06-29 2009-01-01 Microsoft Corporation Virtual Desktop Integration with Terminal Services
US7483979B1 (en) 2001-01-16 2009-01-27 International Business Machines Corporation Method and system for virtualizing metadata between disparate systems
US7487535B1 (en) 2002-02-01 2009-02-03 Novell, Inc. Authentication on demand in a distributed network environment
US7519813B1 (en) 2004-08-02 2009-04-14 Network Appliance, Inc. System and method for a sidecar authentication mechanism
US20090216975A1 (en) 2008-02-26 2009-08-27 Vmware, Inc. Extending server-based desktop virtual machine architecture to client machines
US7584502B2 (en) 2004-05-03 2009-09-01 Microsoft Corporation Policy engine and methods and systems for protecting data
US7591005B1 (en) 2005-10-27 2009-09-15 Centrify Corporation Method and apparatus for user log-in name mapping
US7653794B2 (en) 2006-05-08 2010-01-26 Microsoft Corporation Converting physical machines to virtual machines
US7661027B2 (en) 2006-10-10 2010-02-09 Bea Systems, Inc. SIP server architecture fault tolerance and failover
US7673323B1 (en) 1998-10-28 2010-03-02 Bea Systems, Inc. System and method for maintaining security in a distributed computer network
US7765187B2 (en) 2005-11-29 2010-07-27 Emc Corporation Replication of a consistency group of data storage objects from servers in a data network
US7805721B2 (en) 2004-06-14 2010-09-28 Likewise Software, Inc. System and method for automated migration from Windows to Linux
US7987455B1 (en) 2003-07-23 2011-07-26 International Business Machines Corporation System and method of command processing
US8024360B2 (en) 2004-12-10 2011-09-20 Centrify Corporation Method and apparatus for maintaining multiple sets of identity data
US8141138B2 (en) 2005-10-17 2012-03-20 Oracle International Corporation Auditing correlated events using a secure web single sign-on login

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6230194B1 (en) 1997-07-14 2001-05-08 Freegate Corporation Upgrading a secure network interface
US7954178B2 (en) 2008-08-27 2011-06-07 Bauer Hockey, Inc. Hockey helmet comprising an occipital adjustment mechanism

Patent Citations (422)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4370707A (en) 1971-08-03 1983-01-25 Computer Service, Inc. Computer system for generating architectural specifications and project control instructions
US4109237A (en) 1977-01-17 1978-08-22 Hill Robert B Apparatus and method for identifying individuals through their retinal vasculature patterns
US4694397A (en) 1984-12-27 1987-09-15 The Advest Group, Inc. Banking/brokerage computer interface system
US5222018A (en) 1985-07-18 1993-06-22 Pitney Bowes Inc. System for centralized processing of accounting and payment functions
US5499379A (en) 1988-06-30 1996-03-12 Hitachi, Ltd. Input/output execution apparatus for a plural-OS run system
US5437027A (en) 1990-05-30 1995-07-25 Texas Instruments Incorporated System and method for database management supporting object-oriented programming
US5497492A (en) 1990-09-04 1996-03-05 Microsoft Corporation System and method for loading an operating system through use of a fire system
US5339435A (en) 1991-02-28 1994-08-16 Hewlett-Packard Company Heterogenous software configuration management apparatus
US5333302A (en) 1991-02-28 1994-07-26 Hensley Billy W Filtering event capture data for computer software evaluation
US5437555A (en) 1991-05-02 1995-08-01 Discourse Technologies, Inc. Remote teaching system
US5671428A (en) 1991-08-28 1997-09-23 Kabushiki Kaisha Toshiba Collaborative document processing system with version and comment management
US5367698A (en) 1991-10-31 1994-11-22 Epoch Systems, Inc. Network file migration system
US5423032A (en) 1991-10-31 1995-06-06 International Business Machines Corporation Method for extracting multi-word technical terms from text
US5441415A (en) 1992-02-11 1995-08-15 John R. Lee Interactive computer aided natural learning method and apparatus
US5267865A (en) 1992-02-11 1993-12-07 John R. Lee Interactive computer aided natural learning method and apparatus
US5387104A (en) 1992-04-01 1995-02-07 Corder; Paul R. Instructional system for improving communication skills
US5302132A (en) 1992-04-01 1994-04-12 Corder Paul R Instructional system and method for improving communication skills
US5310349A (en) 1992-04-30 1994-05-10 Jostens Learning Corporation Instructional management system
US5313465A (en) 1992-05-13 1994-05-17 Digital Equipment Corporation Method of merging networks across a common backbone network
US5410703A (en) 1992-07-01 1995-04-25 Telefonaktiebolaget L M Ericsson System for changing software during computer operation
US5745902A (en) 1992-07-06 1998-04-28 Microsoft Corporation Method and system for accessing a file using file names having different file name formats
US6115544A (en) 1992-09-03 2000-09-05 International Business Machines Corporation Method and system for displaying error messages
US5553291A (en) 1992-09-16 1996-09-03 Hitachi, Ltd. Virtual machine control method and virtual machine system
US5371852A (en) 1992-10-14 1994-12-06 International Business Machines Corporation Method and apparatus for making a cluster of computers appear as a single host on a network
US5590360A (en) 1992-10-19 1996-12-31 International Business Machines Corporation Apparatus and method for gathering and entering data requirements from multiple users in the building of process models and data models
US5440719A (en) 1992-10-27 1995-08-08 Cadence Design Systems, Inc. Method simulating data traffic on network in accordance with a client/sewer paradigm
US5550976A (en) 1992-12-08 1996-08-27 Sun Hydraulics Corporation Decentralized distributed asynchronous object oriented system and method for electronic data management, storage, and communication
US5530829A (en) 1992-12-17 1996-06-25 International Business Machines Corporation Track and record mode caching scheme for a storage system employing a scatter index table with pointer and a track directory
US5630069A (en) 1993-01-15 1997-05-13 Action Technologies, Inc. Method and apparatus for creating workflow maps of business processes
US5677997A (en) 1993-02-11 1997-10-14 Talatik; Kirit K. Method and apparatus for automated conformance and enforcement of behavior in application processing systems
US5764897A (en) 1993-02-25 1998-06-09 Sun Microsystems, Inc. Method and apparatus for managing transactions in an object-oriented distributed system
US5600833A (en) 1993-09-17 1997-02-04 Digital Equipment Corp. Attribute portion based document retrieval system with system query language interface
US5806075A (en) 1993-09-24 1998-09-08 Oracle Corporation Method and apparatus for peer-to-peer data replication
US5613090A (en) 1993-10-05 1997-03-18 Compaq Computer Corporation Computer system for disparate windowing environments which translates requests and replies between the disparate environments
US5659736A (en) 1993-11-29 1997-08-19 Mitsubishi Denki Kabushiki Kaisha Management information base and method in an OSI management system
US5812865A (en) 1993-12-03 1998-09-22 Xerox Corporation Specifying and establishing communication data paths between particular media devices in multiple media device computing systems based on context of a user or users
US5838918A (en) 1993-12-13 1998-11-17 International Business Machines Corporation Distributing system configuration information from a manager machine to subscribed endpoint machines in a distrubuted computing environment
US6151610A (en) 1993-12-27 2000-11-21 Digital Equipment Corporation Document display system using a scripting language having container variables setting document attributes
US5835911A (en) 1994-02-08 1998-11-10 Fujitsu Limited Software distribution and maintenance system and method
US5956732A (en) 1994-02-28 1999-09-21 Nec Corporation Software system management device for maintaining revisions of a source code
US5497486A (en) 1994-03-15 1996-03-05 Salvatore J. Stolfo Method of merging large databases in parallel
US5550968A (en) 1994-04-12 1996-08-27 International Business Machines Corporation Method and system for providing access security to controls in a graphical user interface
US5673387A (en) 1994-05-16 1997-09-30 Lucent Technologies Inc. System and method for selecting test units to be re-run in software regression testing
US5673386A (en) 1994-06-29 1997-09-30 U S West Technologies, Inc. Method and system for identification of software application faults
US5711671A (en) 1994-07-08 1998-01-27 The Board Of Regents Of Oklahoma State University Automated cognitive rehabilitation system and method for treating brain injured patients
US5586304A (en) 1994-09-08 1996-12-17 Compaq Computer Corporation Automatic computer upgrading
US6151600A (en) 1994-11-03 2000-11-21 Intel Corporation Electronic information appraisal agent
US5724521A (en) 1994-11-03 1998-03-03 Intel Corporation Method and apparatus for providing electronic advertisements to end users in a consumer best-fit pricing manner
US5758074A (en) 1994-11-04 1998-05-26 International Business Machines Corporation System for extending the desktop management interface at one node to a network by using pseudo management interface, pseudo component interface and network server interface
US5630131A (en) 1994-11-14 1997-05-13 Object Technology Licensing Corp. Method and apparatus for importing and exporting archive files for a graphical user interface
US6256678B1 (en) 1994-11-17 2001-07-03 Sterling Software, Inc. Object oriented method and system for providing a common communications interface between software application programs
US5623601A (en) 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5835087A (en) 1994-11-29 1998-11-10 Herz; Frederick S. M. System for generation of object profiles for a system for customized electronic identification of desirable objects
US6029195A (en) 1994-11-29 2000-02-22 Herz; Frederick S. M. System for customized electronic identification of desirable objects
US5754938A (en) 1994-11-29 1998-05-19 Herz; Frederick S. M. Pseudonymous server for system for customized electronic identification of desirable objects
US5608874A (en) 1994-12-02 1997-03-04 Autoentry Online, Inc. System and method for automatic data file format translation and transmission having advanced features
US5659735A (en) 1994-12-09 1997-08-19 Object Technology Licensing Corp. Object-oriented system for program version and history database management system for various program components
US5758344A (en) 1994-12-15 1998-05-26 Novell, Inc. Method and apparatus for moving subtrees in a distributed network directory
US5608903A (en) 1994-12-15 1997-03-04 Novell, Inc. Method and apparatus for moving subtrees in a distributed network directory
US5694540A (en) 1994-12-15 1997-12-02 Lucent Technologies Inc. Automated software regression test and compilation system
US5740427A (en) 1994-12-29 1998-04-14 Stoller; Lincoln Modular automated account maintenance system
US6209033B1 (en) 1995-02-01 2001-03-27 Cabletron Systems, Inc. Apparatus and method for network capacity evaluation and planning
US5872928A (en) 1995-02-24 1999-02-16 Cabletron Systems, Inc. Method and apparatus for defining and enforcing policies for configuration management in communications networks
US5692902A (en) 1995-03-24 1997-12-02 Maillefer Instruments S.A. Set of instruments for the boring of radicular dental canals
US5710884A (en) 1995-03-29 1998-01-20 Intel Corporation System for automatically updating personal profile server with updates to additional user information gathered from monitoring user's electronic consuming habits generated on computer during use
US5680586A (en) 1995-04-18 1997-10-21 International Business Machines Corporation Method and system for storing and accessing user-defined attributes within a data processing system
US6202051B1 (en) 1995-04-26 2001-03-13 Merc Exchange Llc Facilitating internet commerce through internetworked auctions
US5708828A (en) 1995-05-25 1998-01-13 Reliant Data Systems System for converting data from input data environment using first format to output data environment using second format by executing the associations between their fields
US5790801A (en) 1995-05-26 1998-08-04 Sharp Kabushiki Kaisha Data management system
US5675782A (en) 1995-06-06 1997-10-07 Microsoft Corporation Controlling access to objects on multiple operating systems
US5692132A (en) 1995-06-07 1997-11-25 Mastercard International, Inc. System and method for conducting cashless transactions on a computer network
US6058260A (en) 1995-06-12 2000-05-02 The United States Of America As Represented By The Secretary Of The Army Methods and apparatus for planning and managing a communications network
US5812669A (en) 1995-07-19 1998-09-22 Jenkins; Lew Method and system for providing secure EDI over an open network
US5778169A (en) 1995-08-07 1998-07-07 Synopsys, Inc. Computer system having improved regression testing
US5774551A (en) 1995-08-07 1998-06-30 Sun Microsystems, Inc. Pluggable account management interface with unified login and logout and multiple user authentication services
US5666502A (en) 1995-08-07 1997-09-09 Apple Computer, Inc. Graphical user interface using historical lists with field classes
US6141647A (en) 1995-10-20 2000-10-31 The Dow Chemical Company System and method for integrating a business environment, a process control environment, and a laboratory environment
US5872973A (en) 1995-10-26 1999-02-16 Viewsoft, Inc. Method for managing dynamic relations between objects in dynamic object-oriented languages
US5819295A (en) 1995-10-30 1998-10-06 Matsushita Electric Industrial Co., Ltd. Document storing and managing system
US5765140A (en) 1995-11-17 1998-06-09 Mci Corporation Dynamic project management system
US5822518A (en) 1995-11-29 1998-10-13 Hitachi, Ltd. Method for accessing information
US5844508A (en) 1995-12-01 1998-12-01 Fujitsu Limited Data coding method, data decoding method, data compression apparatus, and data decompression apparatus
US5893076A (en) 1996-01-16 1999-04-06 Sterling Commerce, Inc. Supplier driven commerce transaction processing system and methodology
US5784553A (en) 1996-01-16 1998-07-21 Parasoft Corporation Method and system for generating a computer program test suite using dynamic symbolic execution of JAVA programs
US5708812A (en) 1996-01-18 1998-01-13 Microsoft Corporation Method and apparatus for Migrating from a source domain network controller to a target domain network controller
US5768519A (en) 1996-01-18 1998-06-16 Microsoft Corporation Method and apparatus for merging user accounts from a source security domain into a target security domain
US6246410B1 (en) 1996-01-19 2001-06-12 International Business Machines Corp. Method and system for database access
US6101481A (en) 1996-01-25 2000-08-08 Taskey Pty Ltd. Task management system
US5893074A (en) 1996-01-29 1999-04-06 California Institute Of Technology Network based task management
US5819281A (en) 1996-02-26 1998-10-06 Electronic Data Systems Corporation Notification of aspect value change in object-oriented programming
US5754173A (en) 1996-02-28 1998-05-19 Sun Microsystems, Inc. Method and system for creating user interface independent programs with a user interface provider
US5706502A (en) 1996-03-25 1998-01-06 Sun Microsystems, Inc. Internet-enabled portfolio manager system and method
US5784643A (en) 1996-03-28 1998-07-21 International Business Machines Corporation System incorporating program for intercepting and interpreting or altering commands for generating I/O activity for enabling real-time user feedback by sending substitute characters to modem
US5745113A (en) 1996-04-03 1998-04-28 Institute For Research On Learning Representing work practices
US5743746A (en) 1996-04-17 1998-04-28 Ho; Chi Fai Reward enriched learning system and method
US5848396A (en) 1996-04-26 1998-12-08 Freedom Of Information, Inc. Method and apparatus for determining behavioral profile of a computer user
US5815657A (en) 1996-04-26 1998-09-29 Verifone, Inc. System, method and article of manufacture for network electronic authorization utilizing an authorization instrument
US5758062A (en) 1996-04-30 1998-05-26 Oracle Corporation Method and apparatus for regression testing of application logic
US5960200A (en) 1996-05-03 1999-09-28 I-Cube System to transition an enterprise to a distributed infrastructure
US5859972A (en) 1996-05-10 1999-01-12 The Board Of Trustees Of The University Of Illinois Multiple server repository and multiple server remote application virtual client computer
US5949419A (en) 1996-05-13 1999-09-07 Domine; Robert M Web browser detection and default home page modification device
US6014712A (en) 1996-05-21 2000-01-11 Hewlett-Packard Company Network system
US5727951A (en) 1996-05-28 1998-03-17 Ho; Chi Fai Relationship-based computer-aided-educational system
US5752042A (en) 1996-06-07 1998-05-12 International Business Machines Corporation Server computer for selecting program updates for a client computer based on results of recognizer program(s) furnished to the client computer
US5727145A (en) 1996-06-26 1998-03-10 Sun Microsystems, Inc. Mechanism for locating objects in a secure fashion
US6304893B1 (en) 1996-07-01 2001-10-16 Sun Microsystems, Inc. Object-oriented system, method and article of manufacture for a client-server event driven message framework in an interprise computing framework system
US5819265A (en) 1996-07-12 1998-10-06 International Business Machines Corporation Processing names in a text
US6061650A (en) 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US5937165A (en) 1996-09-10 1999-08-10 Ganymede Software, Inc Systems, methods and computer program products for applications traffic based communications network performance testing
US5684950A (en) 1996-09-23 1997-11-04 Lockheed Martin Corporation Method and system for authenticating users to multiple computer servers via a single sign-on
US5890175A (en) 1996-09-25 1999-03-30 Wong; Garland Dynamic generation and display of catalogs
US5956736A (en) 1996-09-27 1999-09-21 Apple Computer, Inc. Object-oriented editor for creating world wide web documents
US5892898A (en) 1996-10-04 1999-04-06 Honeywell, Inc. Error management system for supporting the identification and logging of error messages
US5930512A (en) 1996-10-18 1999-07-27 International Business Machines Corporation Method and apparatus for building and running workflow process models using a hypertext markup language
US5878432A (en) 1996-10-29 1999-03-02 International Business Machines Corporation Object oriented framework mechanism for a source code repository
US5796393A (en) 1996-11-08 1998-08-18 Compuserve Incorporated System for intergrating an on-line service community with a foreign service
US6029247A (en) 1996-12-09 2000-02-22 Novell, Inc. Method and apparatus for transmitting secured data
US6067568A (en) 1996-12-10 2000-05-23 International Business Machines Corporation Automatic setup of services for computer system users
US5893916A (en) 1996-12-13 1999-04-13 Ncr Corporation Method of converting man pages to help topic files
US6185625B1 (en) 1996-12-20 2001-02-06 Intel Corporation Scaling proxy server sending to the client a graphical user interface for establishing object encoding preferences after receiving the client's request for the object
US6138086A (en) 1996-12-24 2000-10-24 International Business Machines Corporation Encoding of language, country and character formats for multiple language display and transmission
US6003047A (en) 1996-12-30 1999-12-14 Emc Corporation Non-hierarchical application interface for HTML-based network storage management programs
US6002868A (en) 1996-12-31 1999-12-14 Compaq Computer Corporation Test definition tool
US6076166A (en) 1997-01-17 2000-06-13 Philips Electronics North America Corporation Personalizing hospital intranet web sites
US7062781B2 (en) 1997-02-12 2006-06-13 Verizon Laboratories Inc. Method for providing simultaneous parallel secure command execution on multiple remote hosts
US6230309B1 (en) 1997-04-25 2001-05-08 Sterling Software, Inc Method and system for assembling and utilizing components in component object systems
US6308164B1 (en) 1997-04-28 2001-10-23 Jeff Nummelin Distributed project management system and method
US5987247A (en) 1997-05-09 1999-11-16 International Business Machines Corporation Systems, methods and computer program products for building frameworks in an object oriented environment
US5968176A (en) 1997-05-29 1999-10-19 3Com Corporation Multilayer firewall system
US6308188B1 (en) 1997-06-19 2001-10-23 International Business Machines Corporation System and method for building a web site with automated workflow
US6041344A (en) 1997-06-23 2000-03-21 Oracle Corporation Apparatus and method for passing statements to foreign databases by using a virtual package
US6226649B1 (en) 1997-06-23 2001-05-01 Oracle Corporation Apparatus and method for transparent access of foreign databases in a heterogeneous database system
US5948064A (en) 1997-07-07 1999-09-07 International Business Machines Corporation Discovery of authentication server domains in a computer network
US6044465A (en) 1997-07-07 2000-03-28 International Business Machines Corporation User profile storage on and retrieval from a non-native server domain for use in a client running a native operating system
US6092199A (en) 1997-07-07 2000-07-18 International Business Machines Corporation Dynamic creation of a user account in a client following authentication from a non-native server domain
US6021496A (en) 1997-07-07 2000-02-01 International Business Machines Corporation User authentication from non-native server domains in a computer network
US6058379A (en) 1997-07-11 2000-05-02 Auction Source, L.L.C. Real-time network exchange with seller specified exchange parameters and interactive seller participation
US6230160B1 (en) 1997-07-17 2001-05-08 International Business Machines Corporation Creating proxies for distributed beans and event objects
US6349287B1 (en) 1997-08-01 2002-02-19 Fuji Xerox Co., Ltd. Work-flow support system
US6195794B1 (en) 1997-08-12 2001-02-27 International Business Machines Corporation Method and apparatus for distributing templates in a component system
US6070184A (en) 1997-08-28 2000-05-30 International Business Machines Corporation Server-side asynchronous form management
US6112240A (en) 1997-09-03 2000-08-29 International Business Machines Corporation Web site client information tracker
US6266666B1 (en) 1997-09-08 2001-07-24 Sybase, Inc. Component transaction server for developing and deploying transaction- intensive business applications
US6233584B1 (en) 1997-09-09 2001-05-15 International Business Machines Corporation Technique for providing a universal query for multiple different databases
US5995114A (en) 1997-09-10 1999-11-30 International Business Machines Corporation Applying numerical approximation to general graph drawing
US6199068B1 (en) 1997-09-11 2001-03-06 Abb Power T&D Company Inc. Mapping interface for a distributed server to translate between dissimilar file formats
US6137869A (en) 1997-09-16 2000-10-24 Bell Atlantic Network Services, Inc. Network session management
US6016495A (en) 1997-09-19 2000-01-18 International Business Machines Corporation Object-oriented framework mechanism for providing persistent storage
US6615258B1 (en) 1997-09-26 2003-09-02 Worldcom, Inc. Integrated customer interface for web based data management
US6115040A (en) 1997-09-26 2000-09-05 Mci Communications Corporation Graphical user interface for Web enabled applications
US6014669A (en) 1997-10-01 2000-01-11 Sun Microsystems, Inc. Highly-available distributed cluster configuration database
US6222535B1 (en) 1997-10-23 2001-04-24 Alcatel Usa Sourcing, L.P. System and method for facilitating issue tracking
US6035323A (en) 1997-10-24 2000-03-07 Pictra, Inc. Methods and apparatuses for distributing a collection of digital media over a network with automatic generation of presentable media
US6301601B1 (en) 1997-10-28 2001-10-09 Microsoft Corporation Disabling and enabling transaction committal in transactional application components
US5890161A (en) 1997-10-28 1999-03-30 Microsoft Corporation Automatic transaction processing of component-based server applications
US6049822A (en) 1997-10-31 2000-04-11 Selectica, Inc. Method for generating and updating knowledge-based configurators that are multi platform and multi language capable
US6209000B1 (en) 1997-10-31 2001-03-27 Oracle Corporation Tracking storage for data items
US6272678B1 (en) 1997-11-05 2001-08-07 Hitachi, Ltd Version and configuration management method and apparatus and computer readable recording medium for recording therein version and configuration management program
US5889520A (en) 1997-11-13 1999-03-30 International Business Machines Corporation Topological view of a multi-tier network
US6263352B1 (en) 1997-11-14 2001-07-17 Microsoft Corporation Automated web site creation using template driven generation of active server page applications
US6108670A (en) 1997-11-24 2000-08-22 International Business Machines Corporation Checking and enabling database updates with a dynamic, multi-modal, rule based system
US6272673B1 (en) 1997-11-25 2001-08-07 Alphablox Corporation Mechanism for automatically establishing connections between executable components of a hypertext-based application
US6363398B1 (en) 1997-11-25 2002-03-26 Micron Electronics, Inc. Database access using active server pages
US6256659B1 (en) 1997-12-09 2001-07-03 Mci Communications Corporation System and method for performing hybrid preemptive and cooperative multi-tasking in a computer system
US6052512A (en) 1997-12-22 2000-04-18 Scientific Learning Corp. Migration mechanism for user data from one client computer system to another
US6055538A (en) 1997-12-22 2000-04-25 Hewlett Packard Company Methods and system for using web browser to search large collections of documents
US6249905B1 (en) 1998-01-16 2001-06-19 Kabushiki Kaisha Toshiba Computerized accounting system implemented in an object-oriented programming environment
US6079020A (en) 1998-01-27 2000-06-20 Vpnet Technologies, Inc. Method and apparatus for managing a virtual private network
US6223221B1 (en) 1998-02-05 2001-04-24 International Business Machines Corporation System and method for calculating the transfer rate across a communication medium using a downloaded test program and transferring data accordingly
US6112228A (en) 1998-02-13 2000-08-29 Novell, Inc. Client inherited functionally derived from a proxy topology where each proxy is independently configured
US6101503A (en) 1998-03-02 2000-08-08 International Business Machines Corp. Active markup--a system and method for navigating through text collections
US6108649A (en) 1998-03-03 2000-08-22 Novell, Inc. Method and system for supplanting a first name base with a second name base
US6457130B2 (en) 1998-03-03 2002-09-24 Network Appliance, Inc. File access control in a multi-protocol file server
US6199079B1 (en) 1998-03-09 2001-03-06 Junglee Corporation Method and system for automatically filling forms in an integrated network based transaction environment
US6182226B1 (en) 1998-03-18 2001-01-30 Secure Computing Corporation System and method for controlling interactions between networks
US6016501A (en) 1998-03-18 2000-01-18 Bmc Software Enterprise data movement system and method which performs data load and changed data propagation operations
US6029178A (en) 1998-03-18 2000-02-22 Bmc Software Enterprise data movement system and method which maintains and compares edition levels for consistency of replicated data
US6925477B1 (en) 1998-03-31 2005-08-02 Intellisync Corporation Transferring records between two databases
US6208345B1 (en) 1998-04-15 2001-03-27 Adc Telecommunications, Inc. Visual data integration system and method
US6314434B1 (en) 1998-04-15 2001-11-06 Fujitsu Limited Structured data management system and computer-readable method for storing structured data management program
US6327677B1 (en) 1998-04-27 2001-12-04 Proactive Networks Method and apparatus for monitoring a network environment
US6044368A (en) 1998-04-30 2000-03-28 Genesys Telecommunications Laboratories, Inc. Method and apparatus for multiple agent commitment tracking and notification
US6256637B1 (en) 1998-05-05 2001-07-03 Gemstone Systems, Inc. Transactional virtual machine architecture
US6237114B1 (en) 1998-05-13 2001-05-22 Sun Microsystems, Inc. System and method for evaluating monitored computer systems
US6496847B1 (en) 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US6260068B1 (en) 1998-06-10 2001-07-10 Compaq Computer Corporation Method and apparatus for migrating resources in a multi-processor computer system
US6308273B1 (en) 1998-06-12 2001-10-23 Microsoft Corporation Method and system of security location discrimination
US6330566B1 (en) 1998-06-22 2001-12-11 Microsoft Corporation Apparatus and method for optimizing client-state data storage
US6061643A (en) 1998-07-07 2000-05-09 Tenfold Corporation Method for defining durable data for regression testing
US6141010A (en) 1998-07-17 2000-10-31 B. E. Technology, Llc Computer interface method and apparatus with targeted advertising
US6170009B1 (en) 1998-07-17 2001-01-02 Kallol Mandal Controlling devices on a network through policies
US20030023587A1 (en) 1998-08-14 2003-01-30 Dennis Michael W. System and method for implementing group policy
US6466932B1 (en) 1998-08-14 2002-10-15 Microsoft Corporation System and method for implementing group policy
US6950818B2 (en) 1998-08-14 2005-09-27 Microsoft Corporation System and method for implementing group policy
US6442620B1 (en) 1998-08-17 2002-08-27 Microsoft Corporation Environment extensibility and automatic services for component applications using contexts, policies and activators
US6205480B1 (en) 1998-08-19 2001-03-20 Computer Associates Think, Inc. System and method for web server user authentication
US6446096B1 (en) 1998-09-11 2002-09-03 International Business Machines Corporation Method and system for providing device-specific key control using role-based HTML element tags
US6167564A (en) 1998-09-17 2000-12-26 Unisys Corp. Software system development framework
US6282576B1 (en) 1998-09-21 2001-08-28 Unisys Corporation Method of transferring heterogeneous data with meaningful interrelationships between incompatible computers
US6389589B1 (en) 1998-09-21 2002-05-14 Microsoft Corporation Class store schema
US6453317B1 (en) 1998-09-29 2002-09-17 Worldcom, Inc. Customer information storage and delivery system
US6230184B1 (en) 1998-10-19 2001-05-08 Sun Microsystems, Inc. Method and apparatus for automatically optimizing execution of a computer program
US6269405B1 (en) 1998-10-19 2001-07-31 International Business Machines Corporation User account establishment and synchronization in heterogeneous networks
US6269406B1 (en) 1998-10-19 2001-07-31 International Business Machines Corporation User group synchronization to manage capabilities in heterogeneous networks
US6167445A (en) 1998-10-26 2000-12-26 Cisco Technology, Inc. Method and apparatus for defining and implementing high-level quality of service policies in computer networks
US7185073B1 (en) 1998-10-26 2007-02-27 Cisco Technology, Inc. Method and apparatus for defining and implementing high-level quality of service policies in computer networks
US7673323B1 (en) 1998-10-28 2010-03-02 Bea Systems, Inc. System and method for maintaining security in a distributed computer network
US6279030B1 (en) 1998-11-12 2001-08-21 International Business Machines Corporation Dynamic JAVA™ class selection and download based on changeable attributes
US6678714B1 (en) 1998-11-16 2004-01-13 Taskserver.Com, Inc. Computer-implemented task management system
US6134548A (en) 1998-11-19 2000-10-17 Ac Properties B.V. System, method and article of manufacture for advanced mobile bargain shopping
US6161176A (en) 1998-11-20 2000-12-12 Microsoft Corporation System and method for storing configuration settings for transfer from a first system to a second system
US6715128B1 (en) 1998-11-27 2004-03-30 Hitachi, Ltd. Method for converting directory data, and program and device therefor
US6286028B1 (en) 1998-12-01 2001-09-04 International Business Machines Corporation Method and apparatus for conducting electronic commerce
US6336118B1 (en) 1998-12-03 2002-01-01 International Business Machines Corporation Framework within a data processing system for manipulating program objects
US6182212B1 (en) 1998-12-14 2001-01-30 International Business Machine Corporation Method and system for automated migration of user settings to a replacement computer system
US6469713B2 (en) 1998-12-15 2002-10-22 International Business Machines Corporation Method, system and computer program product for dynamic language switching via messaging
US6341287B1 (en) 1998-12-18 2002-01-22 Alternative Systems, Inc. Integrated change management unit
US6381579B1 (en) 1998-12-23 2002-04-30 International Business Machines Corporation System and method to provide secure navigation to resources on the internet
US6438514B1 (en) 1998-12-29 2002-08-20 Stmicroelectronics Limited Generation of a system model
US6141006A (en) 1999-02-11 2000-10-31 Quickbuy, Inc. Methods for executing commercial transactions in a network system using visual link objects
US6401085B1 (en) 1999-03-05 2002-06-04 Accenture Llp Mobile communication and computing system and method
US6313835B1 (en) 1999-04-09 2001-11-06 Zapa Digital Arts Ltd. Simplified on-line preparation of dynamic web sites
US6658625B1 (en) 1999-04-14 2003-12-02 International Business Machines Corporation Apparatus and method for generic data conversion
US6282605B1 (en) 1999-04-26 2001-08-28 Moore Computer Consultants, Inc. File system for non-volatile computer memory
US20080215867A1 (en) 1999-04-28 2008-09-04 Tranxition Corporation Method and system for automatically transitioning of configuration settings among computer systems
US7346766B2 (en) 1999-04-28 2008-03-18 Tranxition Corporation Method and system for automatically transitioning of configuration settings among computer systems
US20110093570A1 (en) 1999-04-28 2011-04-21 Tranxition Corporation Method and system for automatically transitioning of configuration settings among computer systems
US6728877B2 (en) 1999-04-28 2004-04-27 Tranxition Corporation Method and system for automatically transitioning of configuration settings among computer systems
US6625622B1 (en) 1999-05-14 2003-09-23 Eisenworld, Inc. Apparatus and method for transfering information between platforms
US6473794B1 (en) 1999-05-27 2002-10-29 Accenture Llp System for establishing plan to test components of web based framework by displaying pictorial representation and conveying indicia coded components of existing network framework
US6944183B1 (en) 1999-06-10 2005-09-13 Alcatel Object model for network policy management
US6567818B1 (en) 1999-06-14 2003-05-20 International Business Machines Corporation Employing management policies to manage instances of objects
US20060005229A1 (en) 1999-07-26 2006-01-05 Microsoft Corporation Method of enforcing a policy on a computer network
US6941465B1 (en) 1999-07-26 2005-09-06 Microsoft Corporation Method of enforcing a policy on a computer network
US7100195B1 (en) 1999-07-30 2006-08-29 Accenture Llp Managing user information on an e-commerce system
US6286104B1 (en) 1999-08-04 2001-09-04 Oracle Corporation Authentication and authorization in a multi-tier relational database management system
US6587876B1 (en) 1999-08-24 2003-07-01 Hewlett-Packard Development Company Grouping targets of management policies
US6405364B1 (en) 1999-08-31 2002-06-11 Accenture Llp Building techniques in a development architecture framework
US6345239B1 (en) 1999-08-31 2002-02-05 Accenture Llp Remote demonstration of business capabilities in an e-commerce environment
US6370573B1 (en) 1999-08-31 2002-04-09 Accenture Llp System, method and article of manufacture for managing an environment of a development architecture framework
US6401211B1 (en) 1999-10-19 2002-06-04 Microsoft Corporation System and method of user logon in combination with user authentication for network access
US6430556B1 (en) 1999-11-01 2002-08-06 Sun Microsystems, Inc. System and method for providing a query object development environment
US6839766B1 (en) 2000-01-14 2005-01-04 Cisco Technology, Inc. Method and apparatus for communicating cops protocol policies to non-cops-enabled network devices
US6757696B2 (en) 2000-01-25 2004-06-29 Fusionone, Inc. Management server for synchronization system
US20030033535A1 (en) 2000-01-27 2003-02-13 Gwyn Fisher Method and system for implementing a common user logon to multiple applications
US6735691B1 (en) 2000-01-27 2004-05-11 Microsoft Corporation System and method for the automated migration of configuration information
US6370646B1 (en) 2000-02-16 2002-04-09 Miramar Systems Method and apparatus for multiplatform migration
US20010034733A1 (en) 2000-03-03 2001-10-25 Michel Prompt System and method for providing access to databases via directories and other hierarchical structures and interfaces
US6760761B1 (en) 2000-03-27 2004-07-06 Genuity Inc. Systems and methods for standardizing network devices
US6973488B1 (en) 2000-03-31 2005-12-06 Intel Corporation Providing policy information to a remote device
US6880005B1 (en) 2000-03-31 2005-04-12 Intel Corporation Managing policy rules in a network
US6976090B2 (en) 2000-04-20 2005-12-13 Actona Technologies Ltd. Differentiated content and application delivery via internet
US6950935B1 (en) 2000-04-21 2005-09-27 Sun Microsystems, Inc. Pluggable authentication modules for telecommunications management network
US6817017B2 (en) 2000-04-24 2004-11-09 Leotel, Technologies, Inc. Universal interface system
US6795835B2 (en) 2000-05-19 2004-09-21 Centerbeam, Inc. Migration of computer personalization information
US7089584B1 (en) 2000-05-24 2006-08-08 Sun Microsystems, Inc. Security architecture for integration of enterprise information system with J2EE platform
US7213266B1 (en) 2000-06-09 2007-05-01 Intertrust Technologies Corp. Systems and methods for managing and protecting electronic content and applications
US6801946B1 (en) 2000-06-15 2004-10-05 International Business Machines Corporation Open architecture global sign-on apparatus and method therefor
US7080077B2 (en) 2000-07-10 2006-07-18 Oracle International Corporation Localized access
US6938158B2 (en) 2000-07-14 2005-08-30 Nec Corporation Single sign-on system and single sign-on method for a web site and recording medium
US7467141B1 (en) 2000-08-04 2008-12-16 Grdn. Net Solutions, Llc Branding and revenue sharing models for facilitating storage, management and distribution of consumer information
US7209970B1 (en) 2000-09-19 2007-04-24 Sprint Spectrum L.P. Authentication, application-authorization, and user profiling using dynamic directory services
US20020174366A1 (en) 2000-10-26 2002-11-21 General Instrument, Inc. Enforcement of content rights and conditions for multimedia content
US7428583B1 (en) 2000-10-31 2008-09-23 Intel Corporation Network policy distribution
US7139973B1 (en) 2000-11-20 2006-11-21 Cisco Technology, Inc. Dynamic information object cache approach useful in a vocabulary retrieval system
US20020055949A1 (en) 2000-12-06 2002-05-09 Masashi Shiomi Information processing apparatus, communication apparatus, information processing terminal, information supplying apparatus, information supplying method, information supplying system and computer readable recording medium, providing desired information together with related advertisement information
US20020078005A1 (en) 2000-12-19 2002-06-20 International Business Machines Corporation Apparatus for indirect directory searches and method therefor
US20020138572A1 (en) 2000-12-22 2002-09-26 Delany Shawn P. Determining a user's groups
US20020169988A1 (en) 2000-12-22 2002-11-14 Vandergeest Ron J. Method and apparatus for providing user authentication using a back channel
US20030065940A1 (en) 2001-01-08 2003-04-03 Brezak John E. Credential management
US7483979B1 (en) 2001-01-16 2009-01-27 International Business Machines Corporation Method and system for virtualizing metadata between disparate systems
US6968370B2 (en) 2001-01-17 2005-11-22 Tuan-Hui Wu Method of transferring resources between different operation systems
US20030009487A1 (en) 2001-01-26 2003-01-09 Senthil Prabakaran Policy implementation
US7356816B2 (en) 2001-02-13 2008-04-08 Computer Associates Think, Inc. Method and apparatus for multiplatform migration
US20020112178A1 (en) 2001-02-15 2002-08-15 Scherr Allan L. Methods and apparatus for providing security for a data storage system
US7440962B1 (en) 2001-02-28 2008-10-21 Oracle International Corporation Method and system for management of access information
US20020129274A1 (en) 2001-03-08 2002-09-12 International Business Machines Corporation Inter-partition message passing method, system and program product for a security server in a partitioned processing environment
US20020133723A1 (en) 2001-03-16 2002-09-19 John King Frederick Tait Method and system to provide and manage secure access to internal computer systems from an external client
US20020178377A1 (en) 2001-03-21 2002-11-28 International Business Machines Corporation Method and system for server support for pluggable authorization systems
US20050125798A1 (en) 2001-04-24 2005-06-09 Peterson Diane L. Method and apparatus for load balancing a distributed processing system
US20020169986A1 (en) 2001-05-11 2002-11-14 Lortz Victor B. Resource authorization
US7028079B2 (en) * 2001-05-25 2006-04-11 Lenovo (Singapore) Pte, Ltd. Method and apparatus for the automatic migration of applications and their associated data and configuration files
US20020184536A1 (en) 2001-06-01 2002-12-05 Flavin James D. Method and apparatus for brokering and provisioning of windows
US7231460B2 (en) 2001-06-04 2007-06-12 Gateway Inc. System and method for leveraging networked computers to view windows based files on Linux platforms
US7171458B2 (en) 2001-06-12 2007-01-30 International Business Machines Corporation Apparatus and method for managing configuration of computer systems on a computer network
US7243370B2 (en) 2001-06-14 2007-07-10 Microsoft Corporation Method and system for integrating security mechanisms into session initiation protocol request messages for client-proxy authentication
US20030018913A1 (en) 2001-06-20 2003-01-23 Brezak John E. Methods and systems for controlling the scope of delegation of authentication credentials
US20050268309A1 (en) 2001-06-28 2005-12-01 Microsoft Corporation Transparent and sub-classable proxies
US20030028611A1 (en) 2001-07-23 2003-02-06 Kenny John G. Multi-task, multi-location networking system
US7216181B1 (en) 2001-07-31 2007-05-08 Sprint Communications Company L.P. Middleware brokering system
US20030065942A1 (en) 2001-09-28 2003-04-03 Lineman David J. Method and apparatus for actively managing security policies for users and computers in a network
US20030149781A1 (en) 2001-12-04 2003-08-07 Peter Yared Distributed network identity
US20030115313A1 (en) 2001-12-07 2003-06-19 Yasusi Kanada Network, server, and storage policy server
US20030110397A1 (en) 2001-12-12 2003-06-12 Pervasive Security Systems, Inc. Guaranteed delivery of changes to security policies in a distributed system
US7478418B2 (en) 2001-12-12 2009-01-13 Guardian Data Storage, Llc Guaranteed delivery of changes to security policies in a distributed system
US20030115186A1 (en) 2001-12-14 2003-06-19 Wilkinson Francis M. System for controlling access to and generation of localized application values
US20030115439A1 (en) * 2001-12-19 2003-06-19 Hewlett Packard Company Updating references to a migrated object in a partition-based distributed file system
US7487535B1 (en) 2002-02-01 2009-02-03 Novell, Inc. Authentication on demand in a distributed network environment
US20050108579A1 (en) 2002-02-01 2005-05-19 Novell, Inc. Isolating multiple authentication channels, each using multiple authentication models
US7299504B1 (en) 2002-03-08 2007-11-20 Lucent Technologies Inc. System and method for implementing security management using a database-modeled security policy
US20030177388A1 (en) 2002-03-15 2003-09-18 International Business Machines Corporation Authenticated identity translation within a multiple computing unit environment
US20050144463A1 (en) 2002-03-18 2005-06-30 Telenor Asa Single sign-on secure service access
US20030188036A1 (en) 2002-03-22 2003-10-02 Sun Microsystems, Inc. Methods and systems for program migration
US20050060397A1 (en) 2002-04-19 2005-03-17 Computer Associates Think, Inc. Method and system for managing a computer system
US20030229783A1 (en) 2002-06-06 2003-12-11 Hardt Dick C. Distributed hierarchical identity management
US7234157B2 (en) 2002-06-27 2007-06-19 Lenovo Singapore Pte Ltd Remote authentication caching on a trusted client or gateway system
US20040010519A1 (en) 2002-07-11 2004-01-15 Sinn Richard P. Rule based data management
US20040059953A1 (en) 2002-09-24 2004-03-25 Arinc Methods and systems for identity management
US7117486B2 (en) 2002-10-04 2006-10-03 Sun Microsystems, Inc. System and method for migration of software
US20040078569A1 (en) 2002-10-21 2004-04-22 Timo Hotti Method and system for managing security material and sevices in a distributed database system
US20040088543A1 (en) 2002-10-31 2004-05-06 Praerit Garg Selective cross-realm authentication
US7426642B2 (en) 2002-11-14 2008-09-16 International Business Machines Corporation Integrating legacy application/data access with single sign-on in a distributed computing environment
US20040098595A1 (en) 2002-11-14 2004-05-20 International Business Machines Corporation Integrating legacy application/data access with single sign-on in a distributed computing environment
US20040098615A1 (en) 2002-11-16 2004-05-20 Mowers David R. Mapping from a single sign-in service to a directory service
US7444401B1 (en) 2002-11-18 2008-10-28 Arkion Systems Llc Method and apparatus for inexpensively monitoring and controlling remotely distributed appliances
US20040111643A1 (en) 2002-12-02 2004-06-10 Farmer Daniel G. System and method for providing an enterprise-based computer security policy
US20040111515A1 (en) 2002-12-04 2004-06-10 Microsoft Corporation Peer-to-peer identity management interfaces and methods
US20040117382A1 (en) 2002-12-17 2004-06-17 International Business Machines Corporation Method and apparatus for customizing the output of a user command
US7356601B1 (en) 2002-12-18 2008-04-08 Cisco Technology, Inc. Method and apparatus for authorizing network device operations that are requested by applications
US20040123146A1 (en) 2002-12-19 2004-06-24 International Business Machines Corporation Security objects with language translation and speech to text conversion
US20040139050A1 (en) 2002-12-31 2004-07-15 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security in a computer system
US20040139081A1 (en) 2002-12-31 2004-07-15 Barrett Michael Richard Method and system for implementing and managing an enterprise identity management for distributed security
US7143095B2 (en) 2002-12-31 2006-11-28 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security
US20040128542A1 (en) 2002-12-31 2004-07-01 International Business Machines Corporation Method and system for native authentication protocols in a heterogeneous federated environment
US20060248099A1 (en) 2002-12-31 2006-11-02 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security
US7162640B2 (en) 2003-03-11 2007-01-09 Microsoft Corporation System and method for protecting identity information
US7690025B2 (en) 2003-04-03 2010-03-30 General Electric Company Methods and systems for accessing a network-based computer system
US20040199795A1 (en) 2003-04-03 2004-10-07 Grewal Sukhminder S. Methods and systems for accessing a network-based computer system
US7379996B2 (en) 2003-04-07 2008-05-27 Microsoft Corporation System and method for web server migration
US7133984B1 (en) 2003-04-11 2006-11-07 Sprint Communications Company L.P. Method and system for migrating data
US20050055357A1 (en) 2003-04-24 2005-03-10 Scott Campbell Method, system and article of manufacture for data preservation and automated electronic software distribution across an enterprise system
US20040226027A1 (en) 2003-05-06 2004-11-11 Winter Tony Jon Application interface wrapper
US20040260565A1 (en) * 2003-06-05 2004-12-23 Zimniewicz Jeff A. Systems and methods to migrate a user profile when joining a client to a server and/or domain
US20040260651A1 (en) 2003-06-17 2004-12-23 International Business Machines Corporation Multiple identity management in an electronic commerce site
US20050010547A1 (en) 2003-07-10 2005-01-13 Nortel Networks Limited Method and apparatus for managing identity information on a network
US7987455B1 (en) 2003-07-23 2011-07-26 International Business Machines Corporation System and method of command processing
US7418597B2 (en) 2003-08-15 2008-08-26 Venati, Inc. Apparatus for accepting certificate requests and submission to multiple certificate authorities
US7650497B2 (en) 2003-08-15 2010-01-19 Venafi, Inc. Automated digital certificate renewer
US20050044409A1 (en) 2003-08-19 2005-02-24 International Business Machines Corporation Implementation and use of a PII data access control facility employing personally identifying information labels and purpose serving functions sets
US7421555B2 (en) 2003-08-22 2008-09-02 Bluearc Uk Limited System, device, and method for managing file security attributes in a computer file storage system
US20050086457A1 (en) * 2003-10-21 2005-04-21 Hohman Jennifer L. System and method for providing user controlled migration of a client computer
US20050091068A1 (en) 2003-10-23 2005-04-28 Sundaresan Ramamoorthy Smart translation of generic configurations
US20050091250A1 (en) 2003-10-23 2005-04-28 Microsoft Corporation Composite user interface and framework
US20050091284A1 (en) 2003-10-23 2005-04-28 Microsoft Corporation Composite view
US20050091290A1 (en) 2003-10-23 2005-04-28 Kim Cameron Method and system for synchronizing identity information
US20050091213A1 (en) 2003-10-24 2005-04-28 Schutz Klaus U. Interoperable credential gathering and access modularity
US20050114701A1 (en) 2003-11-21 2005-05-26 International Business Machines Corporation Federated identity management within a distributed portal server
US20050198303A1 (en) 2004-01-02 2005-09-08 Robert Knauerhase Dynamic virtual machine service provider allocation
US20050204143A1 (en) 2004-01-29 2005-09-15 Newisys, Inc. Method and system for enabling remote access to a computer system
US20050193181A1 (en) 2004-02-26 2005-09-01 Yasunori Kaneda Data migration method and a data migration apparatus
US20050223216A1 (en) 2004-04-02 2005-10-06 Microsoft Corporation Method and system for recovering password protected private data via a communication network without exposing the private data
US20050246554A1 (en) 2004-04-30 2005-11-03 Apple Computer, Inc. System and method for creating tamper-resistant code
US7584502B2 (en) 2004-05-03 2009-09-01 Microsoft Corporation Policy engine and methods and systems for protecting data
US20050267938A1 (en) * 2004-05-14 2005-12-01 Mirapoint, Inc. Method for mailbox migration
US20060015353A1 (en) 2004-05-19 2006-01-19 Grand Central Communications, Inc. A Delaware Corp Techniques for providing connections to services in a network environment
US7805721B2 (en) 2004-06-14 2010-09-28 Likewise Software, Inc. System and method for automated migration from Windows to Linux
US20050283443A1 (en) 2004-06-16 2005-12-22 Hardt Dick C Auditable privacy policies in a distributed hierarchical identity management system
US20050283614A1 (en) 2004-06-16 2005-12-22 Hardt Dick C Distributed hierarchical identity management system authentication mechanisms
US20060116949A1 (en) * 2004-06-18 2006-06-01 Washington Mutual, Inc. System for automatically transferring account information, such as information regarding a financial services account
US20060004794A1 (en) 2004-06-30 2006-01-05 Microsoft Corporation Rich application view system and method
US8245242B2 (en) 2004-07-09 2012-08-14 Quest Software, Inc. Systems and methods for managing policies on a computer
US20110282977A1 (en) 2004-07-09 2011-11-17 Quest Software, Inc. Systems and methods for managing policies on a computer
US20110283273A1 (en) 2004-07-09 2011-11-17 Quest Software, Inc. Systems and methods for managing policies on a computer
US7617501B2 (en) 2004-07-09 2009-11-10 Quest Software, Inc. Apparatus, system, and method for managing policies on a computer having a foreign operating system
US20120215899A1 (en) 2004-07-09 2012-08-23 Quest Software, Inc. Systems and methods for managing policies on a computer
US20060010445A1 (en) 2004-07-09 2006-01-12 Peterson Matthew T Apparatus, system, and method for managing policies on a computer having a foreign operating system
US20120297035A1 (en) 2004-07-09 2012-11-22 Quest Software, Inc. Systems and methods for managing policies on a computer
WO2006016900A2 (en) 2004-07-09 2006-02-16 Vintela, Inc. Policy management within a foreign operating system
US20100050232A1 (en) 2004-07-09 2010-02-25 Peterson Matthew T Systems and methods for managing policies on a computer
US20060021017A1 (en) 2004-07-21 2006-01-26 International Business Machines Corporation Method and system for establishing federation relationships through imported configuration files
US20060026195A1 (en) 2004-07-26 2006-02-02 International Business Machines Corporation Migrating personality of computing environment from source platform to target platform
US7519813B1 (en) 2004-08-02 2009-04-14 Network Appliance, Inc. System and method for a sidecar authentication mechanism
US20060034494A1 (en) 2004-08-11 2006-02-16 National Background Data, Llc Personal identity data management
US7284043B2 (en) 2004-09-23 2007-10-16 Centeris Corporation System and method for automated migration from Linux to Windows
US20060085483A1 (en) 2004-10-14 2006-04-20 Microsoft Corporation System and method of merging contacts
US20060161435A1 (en) 2004-12-07 2006-07-20 Farsheed Atef System and method for identity verification and management
US20060130065A1 (en) 2004-12-09 2006-06-15 Arthur Chin Centralized identity management system and method for delegating resource management in a technology outsourcing environment
US8024360B2 (en) 2004-12-10 2011-09-20 Centrify Corporation Method and apparatus for maintaining multiple sets of identity data
US20060174350A1 (en) 2005-02-03 2006-08-03 Navio Systems, Inc. Methods and apparatus for optimizing identity management
US20060184401A1 (en) * 2005-02-15 2006-08-17 International Business Machines Corporation System and method for resource and cost planning of an IT migration
US20080162604A1 (en) * 2005-03-01 2008-07-03 Serge Soulet System and Method For Migrating a Platform, User Data, and Applications From at Least One Server to at Least One Computer
US20060200504A1 (en) 2005-03-02 2006-09-07 International Business Machines Corporation Method and apparatus for role mapping methodology for user registry migration
US20060200424A1 (en) 2005-03-04 2006-09-07 Microsoft Corporation Method and system for integrating multiple identities, identity mechanisms and identity providers in a single user paradigm
US20060265740A1 (en) 2005-03-20 2006-11-23 Clark John F Method and system for providing user access to a secure application
US20060224611A1 (en) 2005-03-29 2006-10-05 Microsoft Corporation Identity management user experience
US20060282360A1 (en) * 2005-06-08 2006-12-14 Kahn Markus H Systems and methods for providing migration and performance matrices
US20060282461A1 (en) 2005-06-10 2006-12-14 Microsoft Corporation Object virtualization
US20060294151A1 (en) 2005-06-27 2006-12-28 Stanley Wong Method and apparatus for data integration and management
US20070011136A1 (en) 2005-07-05 2007-01-11 International Business Machines Corporation Employing an identifier for an account of one domain in another domain to facilitate access of data on shared storage media
US20070143430A1 (en) 2005-08-03 2007-06-21 Brett Dennis Johnson Methods of routing messages using a listener registry
US20070038596A1 (en) 2005-08-15 2007-02-15 Microsoft Corporation Restricting access to data based on data source rewriting
US20070083917A1 (en) 2005-10-07 2007-04-12 Peterson Matthew T Apparatus system and method for real-time migration of data related to authentication
EP1932279A2 (en) 2005-10-07 2008-06-18 Quest Software, Inc. Apparatus system and method for real-time migration of data related to authentication
WO2007044613A2 (en) 2005-10-07 2007-04-19 Quest Software, Inc. Apparatus system and method for real-time migration of data related to authentication
US8141138B2 (en) 2005-10-17 2012-03-20 Oracle International Corporation Auditing correlated events using a secure web single sign-on login
US7591005B1 (en) 2005-10-27 2009-09-15 Centrify Corporation Method and apparatus for user log-in name mapping
US20070100980A1 (en) * 2005-11-01 2007-05-03 Hitachi, Ltd. Computer system and method for managing log information
US20070101415A1 (en) 2005-11-02 2007-05-03 Takanori Masui Image processing apparatus, user authentication method and storage medium storing program for user authentication
US7765187B2 (en) 2005-11-29 2010-07-27 Emc Corporation Replication of a consistency group of data storage objects from servers in a data network
US20070143836A1 (en) 2005-12-19 2007-06-21 Quest Software, Inc. Apparatus system and method to provide authentication services to legacy applications
US7904949B2 (en) 2005-12-19 2011-03-08 Quest Software, Inc. Apparatus, systems and methods to provide authentication services to a legacy application
US20070150448A1 (en) 2005-12-27 2007-06-28 Centrify Corporation Method and apparatus for optimizing large data set retrieval
US20070156767A1 (en) 2006-01-03 2007-07-05 Khanh Hoang Relationship data management
US20070156766A1 (en) 2006-01-03 2007-07-05 Khanh Hoang Relationship data management
US20070180448A1 (en) 2006-01-24 2007-08-02 Citrix Systems, Inc. Methods and systems for providing access to a computing environment provided by a virtual machine executing in a hypervisor executing in a terminal services session
US20070180493A1 (en) 2006-01-24 2007-08-02 Citrix Systems, Inc. Methods and systems for assigning access control levels in providing access to resources via virtual machines
US8087075B2 (en) 2006-02-13 2011-12-27 Quest Software, Inc. Disconnected credential validation using pre-fetched service tickets
US20070192843A1 (en) 2006-02-13 2007-08-16 Quest Software, Inc. Disconnected credential validation using pre-fetched service tickets
US20120192256A1 (en) 2006-02-13 2012-07-26 Quest Software, Inc. Disconnected credential validation using pre-fetched service tickets
US20070255814A1 (en) 2006-04-27 2007-11-01 Securetek Group Inc. System for server consolidation and mobilization
US7653794B2 (en) 2006-05-08 2010-01-26 Microsoft Corporation Converting physical machines to virtual machines
US8429712B2 (en) 2006-06-08 2013-04-23 Quest Software, Inc. Centralized user authentication system apparatus and method
US20070288992A1 (en) 2006-06-08 2007-12-13 Kyle Lane Robinson Centralized user authentication system apparatus and method
US7661027B2 (en) 2006-10-10 2010-02-09 Bea Systems, Inc. SIP server architecture fault tolerance and failover
US8086710B2 (en) 2006-10-30 2011-12-27 Quest Software, Inc. Identity migration apparatus and method
US20080104250A1 (en) 2006-10-30 2008-05-01 Nikolay Vanyukhin Identity migration system apparatus and method
US20080104220A1 (en) 2006-10-30 2008-05-01 Nikolay Vanyukhin Identity migration apparatus and method
US8346908B1 (en) 2006-10-30 2013-01-01 Quest Software, Inc. Identity migration apparatus and method
US7895332B2 (en) 2006-10-30 2011-02-22 Quest Software, Inc. Identity migration system apparatus and method
US20080133533A1 (en) * 2006-11-28 2008-06-05 Krishna Ganugapati Migrating Credentials to Unified Identity Management Systems
US20090006537A1 (en) 2007-06-29 2009-01-01 Microsoft Corporation Virtual Desktop Integration with Terminal Services
US20090216975A1 (en) 2008-02-26 2009-08-27 Vmware, Inc. Extending server-based desktop virtual machine architecture to client machines

Non-Patent Citations (104)

* Cited by examiner, † Cited by third party
Title
"Description of Digital Certificates", Jan. 23, 2007, http://www.support.microsoft.com/kb/195724.
"Directory Administrator", http://diradmin.open-it.org/indexlphp, p. 1-3. Dec. 15, 2004.
"Innovation Report-Windows Group Policy Protocols". Jul. 31, 2006.
"LDAP Linux Howto", http://tldp/org/HOWTO/LDAP-HOWTO/, p. 1-2. Mar. 5, 2004.
"Lnux Authentication Against Active Directory", http://laaad/sourceforge.netlen/home/htm, p. 1-2. Dec. 15, 2004.
"NegotiateAuth", http://negotiateauth,mozdev.org/ Jul. 8, 2010.
"Optimization Techniques for Trusted Semantic Interoperation", Final Technical Report, Air Force Research Laboratory. Published May 1998.
"Project: AD4Unix: Summary", http://sourceforge.netlprojects/adunixl, p. 1-3. Dec. 15, 2004.
"Replacing NIS with Kerberos and LDAP", http://ofb.netHhess/krbldap/, p. 1-2. Dec. 15, 2004.
"Sadma", http://sadmas.sourceforge.netlen/indexlhtml. p. 1-2. Dec. 15, 2004.
"Sun Enterprise Authentication Mechanism Data Sheet", http://wwws.sun.com/jsp-utils/Printpage.jsp?url, pp. 1-4. Dec. 15, 2004.
A. Leonard, "Embrace, extend, censor", Originally published May 11, 2000 on salon.com, http://archive.salon.com/tech/log/2000/05/11/slashdot-censor/.
Aelita Software Domain Migration Wizard 6.0 User's Guide, Aug. 21, 2003.
AIX 5L Differences Guide Version 5.2 Edition Published Dec. 24, 2002, Excerpt http://proquest.safaribooksonline.com/073842704 7/ch091ev1sec13.
Akhgar et al., Secure ICT Services for Mobile and Wireless Communications: A Federated Global Identity Management Framework, 2006 IEEE.
Alan H. Harbitter et al., "Performance of Public-Key-Enabled Kerberos Authentication in Large Networks", Proceedings of the IEEE symposium on Security and Privacy. 2001.
Antti Tikkanen, "Active Directory and nss-idap for Linux: Centralized er Management," printed from http://www.hut.fi/cc/docskerberos/nss-Idap/htm, pp. 1-11, 2004.
Apurva Kumar, "The OpenLDAP Proxy Cache," IBM, India Research Lab, at least as early as May 2003.
Buell, D.A. et al., "Identity management", Internet Computing, IEEEvol. 7, Issue 6, Nov.-Dec. 2003 pp. 26-28.
Centrify DirectControl Administrator's Guide Version 2.0, Aug. 15, 2005.
Chapter 9 Authentication Protocols, Distributed System & Network Security Lab, Department of Computer Science & Information Engineering, National Chiao Tung University, pp. 21-22. 1991.
COSuser-Identity management and user provisioning for Unix, Linux and Microsoft Windows® http://www.cosuser.com/ May 24, 2010.
Damiani, E., et al, "Managing multiple and dependable identities" Internet Computing, IEEEvol 7, Issue 6, Nov.-Dec. 2003 pp. 29-37.
David "Del" Elson, "Active Directory and Linux," printed from http://www.securityfoc.com/printable/infoc /1563, pp. 1-11, 2002.
David F. Carr, "What's Federated Identity Management?", eWeek, Nov. 10, 2003, http://www.eweek.com/printarticle/O,1761.a-111811,00.asp.
Dennis, Disconnect Login (Was: FC3 Bug Week-Help Wanted) (Sep. 24, 2004).
Description of Digital Certificates, Jan. 23, 2007, available at http://www.support.microsoft.com/kb/195724.
Designing Network Security Published May 7, 1999. Excerpt http://proquest.safaribooksonline.com/1578700434/ch02lev1sec1.
Documentation for Kerberos V5 release krb5-1.3, Copyright 1985-2002, Installation Guide: http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6/doc/krb5-install.html.
Documentation for Kerberos V5 release krb5-1.3, Copyright 1985-2002, Installation Guide: http://web.mit.edu/Kerberoslkrb5-1.3/krb5-1.3/doc/krb5-install.html-System Administrator's Guide: http://web.mit.edu/Kerberos/krb5-1.3/krb5-1.3/doc/krb5-admin.html-UNIX User's Guide: http://web.mit.edu/Kerberos/krb5-1.3/krb5-1.3/doc/krb5- er.html.
Documentation for Kerberos V5 release krb5-1.3, Copyright 1985-2002, System Administrator's Guide: http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6/doc/krb5-admin.html.
Documentation for Kerberos V5 release krb5-1.3, Copyright 1985-2002, UNIX User's Guide: http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.6/doc/user-guide.html.
European Office Action, Application No. 05728119.8-1243 dated Apr. 9, 2009.
European Patent Office Communication pursuant to Article 94(3) EPC dated Apr. 9, 2009.
Fabini et al., "IMS in a Bottle: Initial Experiences from an OpenSER-based Prototype Implementation of the 3GPP IP Multimedia Subsystem" Mobile Business, 2006. ICMB '06. International Conference on Publication Date: 2006; On pp. 13-13.
Garman, "Kerberos-The Definitive Guide," Aug. 2003, O'Reilly & Associates, Inc.
Get to One Options for moving from multiple, Unix identities to a single, AD-based authentication infrastructure with Vintela Authentication Serviceshttp://www.quest.com/Vintela-Authentication-Services/migration-options-VAS.aspx May 24, 2010.
Hank Simon, "SAML:The Secret to Centralized Identity Management", Dec. 2004, http://intelligententerprise.com/showArticle.jhtml?articleID=54200324.
IBM SecureWay Policy Director, 1999. (4 pages).
IBM z/OS V1R1.0-V1R12.0 DCE Application Development Reference: dce-ace-is-cient-authorized API call: URL: http://publib.boulder.ibm.com/infocenter/zos/v1r12/topic/com. ibm.zos.r12.euvmd00/euva6a00646.htm, Copyright IBM Corporation 1990,2010, (2 pages).
Identity Management for UNIX http://technet2.microsoft.com/WindowsServer/en/library/ab66b7d2-9cfb-4d76-b707-30a5e0dd84f31033.mspx?mfr=true Aug. 22, 2005.
Implementing Registry-Based Group Policy for Applications, Microsoft Windows 2000 Server. White Paper. 2000.
International Preliminary Report on Patentability and Written Opinion for International Application No. PCT/US2006/039302, mailed on Apr. 2, 2009, in 7 pages.
International Search Report and Written Opinion from International Patent Appl. No. PCT/US2009/038394, mailed Oct. 6, 2009, in 13 pages.
International Search Report in International Application No. PCT/US2006/039302, mailed on Jul. 3, 2008.
International Search Report PCT/US2005/008342 , mailed on Nov. 9, 2006.
Introduction to Group Policy in Windows Server 2003, Microsoft Corporation, Published Apr. 2003.
J. Barr, "The Gates of Hades: Microsoft attempts to co-opt Kerberos", Published Apr. 2000 as verified by the Internet Archive, http://web.archive.org/web/20000619011652/http://www.linuxworld.com/linuxworld/lw-2000-04/lw-04-vcontrol-3.html.
J. Brezak, "HTTP Authentication: SPNEGO Access Authentication as Implemented in Microsoft Windows 2000," http://Meta.cesnet.cz/cms/opencms/en/docs/software/devel/draft-brezek-spnego-http-04.xt, pp. 1-6. 2002.
J. Kohl et al. "RFC 1510: The Kerberos Network Authentication Service (V5)", Published Sep. 1993, http://ietfreport.isoc.org/rfc/PDF/rfc1510.pdf.
Jan De Clercq, "Win.NET Server Kerberos", http://www.winnetmag.com/WindowsSecurity/ Articlesl ArticleID/26450/pg/3/3.html. Sep. 17, 2002.
John Brezak, "Interoperability with Microsoft Windows 2000 Active Directory and Kerberos Services," printed from http://msdn.microsft.com/library/en- /dnactdir/html/kerberossamp.asp?frame=true, pp. 1-4, 2000.
Kerberos, PACs, and Microsoft's Dirty Tricks Originally posted to slashdot.org on May 2, 2000, http://slashdot.org/comments.pl?sid=5268&threshold=1&commentsort=O&mode=thread&cid=1096250.
Langella, S. et al., "Dorian: Grid Service Infrastructure for Identity Management and Federation", Computer-Based Medical Systems, 2006. CBMS 2006. 19th IEEE International Symposium on Jun. 22-23, 2006 pp. 756-761.
Li, M., et al., "Identity management in vertical handovers for UMTS-WLAN networks", Mobile Business, 2005. ICMB 2005. International Conference onJul. 11-13, 2005 pp. 479-484.
LinuX® and Windows® Interoperability Guide, Published Dec. 14, 2001, Excerpt http://proquest.safaribooksonline.com/0130324779/ch 18/lev1sec3.
Lowe-Norris, Alistair G., Windows 2000 Active Directory, Chapters 8 and 9, pp. 177-245, Jan. 2000.
Matsunaga et al, "Secure Authentication System for Public WLAN Roaming, Proceedings of the 1st ACM international workshop on Wireless mobile applications and services on WLAN hotspots," San Diego, CA, A, Year of Publication: 2003, p. 113-121.
Matthew Hur, "Session Code: ARC241 architecture & infrastructure", Microsoft Corporation. Oct. 26, 2003.
May 29, 2013 Related Applications.
MCSE in a Nutshell: The Windows 2000 Exams Published Feb. 2001. Excerpt http://proquest.safaribooksonline.com/0596000308/mcseian-CHP-13-SECT-1.
Microsoft Corp., Implementing Registry-Based Group Policy for Applications, 2000.
Microsoft Corp., Introduction to Group Policy in Windows Server 2003, 2003.
Microsoft: CATIA Migration from UNIX to Windows, Overview, Jul. 18, 2003, Microsoft, Chapter 8, Windows-Unix Interoperability and Data Sharing. (21 pages).
Microsoft: CATIA Migration from UNIX to Windows, Overview, Jul. 18, 2003. (3 pages).
Mikkonen, H. et al., "Federated Identity Management for Grids" Networking and Services, 2006. ICNS '06. International conference onJul. 16-18, 2006 pp. 69-69.
Mont, M.C. et al., "Towards accountable management of identity and privacy: sticky policies and enforceable tracing services", Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on Sep. 1-5, 2003 pp. 377-382.
NCSA Introduction to Kerberos 5, All right reserved Board of Trustees of the University of Illinois Page last updated May 21, 2002 http://www.ncsa.uiuc.edu/UserInfo/Resources/Sofiware/kerberosold/introduction.html.
Neuman et al., "RFC 4120-The Kerberos Network Authentication Service V5," Network Working Group, Jul. 2005.
Neuman, et al.: "Kerberos: An Authentication Service for Computer Networks", IEEE Communications Magazine, vol. 32, Issue 9, Pub. Date Sep. 1994, relevant pp. 33-38.
O'Reily publications "Unix & Internet Security", Apr. 1996. (3 pages).
PADL Software Pty Ltd., http://www.padl.com/productsIXAD.html, pp. 1-3. Dec. 15, 2004.
PADL Software Pty Ltd., Pam-ccreds readme, (Apr. 11, 2004) (pan-crreds).
Phiri, J. et al., "Modelling and Information Fusion in Digital Identity Management Systems" Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies, 2006. ICN/ICONS/MCL 2006. International Conference on Apr. 23-29, 2006 pp. 181-181.
Quest Software; "UNIX Identity Migration Wizard User Guide", 2006.
Quest Vintela Authentication Services Administrator's Guide Version 3.1, Sep. 2006.
Radeke, E., et al. "Framework for object migration in federated database systems", Cooperation Univ. of Paderborn, Germany, Parallel and Distributed Information Systems, 1994., Proceedings of the Third International Conference on Publication Date: Sep. 28-30, 1994, on pp. 187-194.
Request for Withdrawal of the European Application No. 05728119.8 on Feb. 19, 2010.
Response to Communication pursuant to Article 94(3) EOC filed Sep. 9, 2009 in EP 05728119.8.
RFC 4120-"The Kerberos Network Authentication Service V5," Neuman et al., Network Working Group, Jul. 2005.
Sandrasegaran, Hsang, Identity Management in Vertical Handovers for UMTS-WLAN Networks, 2005 IEEE.
Schroeder, SDSC's Installation and Development of Kerberos, San Diego Supercomputer Center, San Diego, CA, Sep. 20, 1995, p. 1-11.
Search Security, "Search Security.com Definitions", Jun. 4, 2007, http://searchsecurity.techtarget.com/sDefinition/0,,sid14-gci212437,00.html.
Shim, S.S.Y et al., "Federated identity management" Computer; vol. 38, Issue 12, Dec. 2005 pp. 120-122.
Shin, D. et al., "Ensuring information assurance in federated identity management", Performance, Computing, and Communications, 2004 IEEE International Conference on 2004 pp. 821-826.
Siddiqi, J. et al., "Secure ICT Services for Mobile and Wireless Communications: A Federated Global Identity Management Framework", Information Technology: New Generations, 2006. ITNG 2006. Third International Conference on Apr. 10-12, 2006 pp. 351-357.
Sixto Ortiz, Jr., "One-Time Password Technology", vol. 29, Issue 15, Apr. 13, 2007, http://www.processor.com/editorial/article.asp?article=articles%2Fp2915%2F30p15%2F30p15.asp.
Subject 2.15. What do I need to do to setup cross-realm authentication?, http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-fag. html. Jul. 8, 2010.
Summary of telephonic interview involving co-inventor Matthew Peterson and three others plus the Examine on Nov. 16, 2007 in U.S. Appl. No. 10/888,845.
The SLAPD and SLURPD Administrator's Guide, University of Michigan Release 3.3 Apr. 30, 1996, available at http://www.umich.edu/~dirsvcs/Idap/doc/guides/slapd/guide.pdf.
The SLAPD and SLURPD Administrator's Guide, University of Michigan Release 3.3 Apr. 30, 1996, available at http://www.umich.edu/˜dirsvcs/Idap/doc/guides/slapd/guide.pdf.
Turbo Fredriksson, "LDAPv3." printed from http://www.bayour.com/LDAPv3-HOWTO.html, pp. 2-65, 2001.
U.S. Appl. No. 11/928,887, Inter Partes Reexamination Request dated Apr. 18, 2012.
U.S. Appl. No. 11/928,887, Inter Partes Reexamination Request dated Jul. 17, 2012.
U.S. Appl. No. 11/928,887, Notice of Allowance dated Dec. 13, 2010.
U.S. Appl. No. 11/928,887, Request for Inter Partes Reexamination/Denied, dated Sep. 4, 2012.
U.S. Appl. No. 12/200,814, filed Aug. 28, 2008, Eyes et al.
Ventuneac et al., A policy-based security framework for Web-enabled applications, Proceeding ISICT '03, Proceedings of the 1st International Symposium on Information and Communication Technologies, pp. 487-492.
Vintela Extends the Reach of Microsoft Group Policy to Unix and Linux; Vintela Group Policy (VGP) Provides a Framework for Unix and Linux Policy-Based Management Through the Popular Windows Group Policy System., PR Newswire, Sep. 13, 2004.
Vintela Group Policy Technology Preview, "Extending the Power of Group Policy and Windonws Active Directory to configuration of Unix and Linux users and systems", Version 0.1, May 2004.
Wedgetail Communications; "Security Assertion Markup Language (SAML)", 2004.
Weitzner, D.J., "In Search of Manageable Identity Systems", IEEE Internet Computing, vol. 10, Issue 6, Nov.-Dec. 2006 pp. 84-86.
Windows 2000 Kerberos Authentication White Paper, Microsoft Windows 2000 Server, pp. 1-5 and 41-42. Jul. 12, 2010.
Withers, Integrating Windows 2000 and UNIX Using Kerberos, The Journal for UNIX Systems Administrators, vol. 10, No. 12, Dec. 2001. http://seann.herdejurgen.com/resume/samag.com/html/v10/il2/a5.htm.

Also Published As

Publication number Publication date
US20080104220A1 (en) 2008-05-01
US8346908B1 (en) 2013-01-01
US8086710B2 (en) 2011-12-27

Similar Documents

Publication Publication Date Title
US8966045B1 (en) Identity migration apparatus and method
US11075913B1 (en) Enforceable launch configurations
US10616203B2 (en) Security migration in a business intelligence environment
US10372475B2 (en) Approaches for managing virtual instance data
US10037204B2 (en) Version control of applications
US8856077B1 (en) Account cloning service for cloud computing environments
US9075788B1 (en) Account state simulation service for cloud computing environments
US8805971B1 (en) Client-specified schema extensions in cloud computing environments
US20200403944A1 (en) Chatbot support platform
US9438599B1 (en) Approaches for deployment approval
US7895332B2 (en) Identity migration system apparatus and method
US11526431B2 (en) Systems and methods for automated provisioning of a virtual mainframe test environment
US9275112B2 (en) Filtering views with predefined query
US10169465B2 (en) Dynamic runtime environment configuration for query applications
US11909721B2 (en) Systems and methods for automated firewall provisioning for virtual machines
US9009777B2 (en) Automatic role activation
US11799839B2 (en) Cross-regional replication of keys
US20200233907A1 (en) Location-based file recommendations for managed devices
US20230130973A1 (en) System and method for creating template for database services
US10929279B2 (en) Systems and method for automated testing framework for service portal catalog
US10262046B2 (en) Profile-enabled dynamic runtime environment for web application servers
US9313208B1 (en) Managing restricted access resources
US9178867B1 (en) Interacting with restricted environments
US9467452B2 (en) Transferring services in a networked environment
CN116226092B (en) Database updating method and device

Legal Events

Date Code Title Description
STCF Information on status: patent grant

Free format text: PATENTED CASE

CC Certificate of correction
AS Assignment

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT, TEXAS

Free format text: SECURITY AGREEMENT;ASSIGNORS:AVENTAIL LLC;DELL PRODUCTS L.P.;DELL SOFTWARE INC.;REEL/FRAME:040039/0642

Effective date: 20160907

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NORTH CAROLINA

Free format text: SECURITY AGREEMENT;ASSIGNORS:AVENTAIL LLC;DELL PRODUCTS, L.P.;DELL SOFTWARE INC.;REEL/FRAME:040030/0187

Effective date: 20160907

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text: SECURITY AGREEMENT;ASSIGNORS:AVENTAIL LLC;DELL PRODUCTS, L.P.;DELL SOFTWARE INC.;REEL/FRAME:040030/0187

Effective date: 20160907

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., A

Free format text: SECURITY AGREEMENT;ASSIGNORS:AVENTAIL LLC;DELL PRODUCTS L.P.;DELL SOFTWARE INC.;REEL/FRAME:040039/0642

Effective date: 20160907

AS Assignment

Owner name: AVENTAIL LLC, CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:040521/0467

Effective date: 20161031

Owner name: DELL SOFTWARE INC., CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:040521/0467

Effective date: 20161031

Owner name: DELL PRODUCTS L.P., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN CERTAIN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040039/0642);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.;REEL/FRAME:040521/0016

Effective date: 20161031

Owner name: DELL SOFTWARE INC., CALIFORNIA

Free format text: RELEASE OF SECURITY INTEREST IN CERTAIN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040039/0642);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.;REEL/FRAME:040521/0016

Effective date: 20161031

Owner name: AVENTAIL LLC, CALIFORNIA

Free format text: RELEASE OF SECURITY INTEREST IN CERTAIN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040039/0642);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.;REEL/FRAME:040521/0016

Effective date: 20161031

Owner name: DELL PRODUCTS, L.P., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:040521/0467

Effective date: 20161031

AS Assignment

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NEW YORK

Free format text: FIRST LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:DELL SOFTWARE INC.;REEL/FRAME:040581/0850

Effective date: 20161031

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text: FIRST LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:DELL SOFTWARE INC.;REEL/FRAME:040581/0850

Effective date: 20161031

AS Assignment

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NEW YORK

Free format text: SECOND LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:DELL SOFTWARE INC.;REEL/FRAME:040587/0624

Effective date: 20161031

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text: SECOND LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:DELL SOFTWARE INC.;REEL/FRAME:040587/0624

Effective date: 20161031

AS Assignment

Owner name: QUEST SOFTWARE INC. (F/K/A DELL SOFTWARE INC.), CALIFORNIA

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNEE PREVIOUSLY RECORDED AT REEL: 040587 FRAME: 0624. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:044811/0598

Effective date: 20171114

Owner name: QUEST SOFTWARE INC. (F/K/A DELL SOFTWARE INC.), CA

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNEE PREVIOUSLY RECORDED AT REEL: 040587 FRAME: 0624. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:044811/0598

Effective date: 20171114

Owner name: AVENTAIL LLC, CALIFORNIA

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNEE PREVIOUSLY RECORDED AT REEL: 040587 FRAME: 0624. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:044811/0598

Effective date: 20171114

AS Assignment

Owner name: QUEST SOFTWARE INC. (F/K/A DELL SOFTWARE INC.), CALIFORNIA

Free format text: RELEASE OF FIRST LIEN SECURITY INTEREST IN PATENTS RECORDED AT R/F 040581/0850;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT;REEL/FRAME:046211/0735

Effective date: 20180518

Owner name: QUEST SOFTWARE INC. (F/K/A DELL SOFTWARE INC.), CA

Free format text: RELEASE OF FIRST LIEN SECURITY INTEREST IN PATENTS RECORDED AT R/F 040581/0850;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT;REEL/FRAME:046211/0735

Effective date: 20180518

Owner name: AVENTAIL LLC, CALIFORNIA

Free format text: RELEASE OF FIRST LIEN SECURITY INTEREST IN PATENTS RECORDED AT R/F 040581/0850;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT;REEL/FRAME:046211/0735

Effective date: 20180518

AS Assignment

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NEW YORK

Free format text: FIRST LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:QUEST SOFTWARE INC.;REEL/FRAME:046327/0347

Effective date: 20180518

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NEW YORK

Free format text: SECOND LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:QUEST SOFTWARE INC.;REEL/FRAME:046327/0486

Effective date: 20180518

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text: FIRST LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:QUEST SOFTWARE INC.;REEL/FRAME:046327/0347

Effective date: 20180518

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text: SECOND LIEN PATENT SECURITY AGREEMENT;ASSIGNOR:QUEST SOFTWARE INC.;REEL/FRAME:046327/0486

Effective date: 20180518

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551)

Year of fee payment: 4

AS Assignment

Owner name: QUEST SOFTWARE INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:VANYUKHIN, NIKOLAY;SHEVNIN, OLEG;KOROTICH, ALEXEY;REEL/FRAME:046729/0248

Effective date: 20071030

Owner name: DELL SOFTWARE INC., CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:QUEST SOFTWARE, INC.;REEL/FRAME:046963/0697

Effective date: 20130530

Owner name: QUEST SOFTWARE INC., CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:DELL SOFTWARE INC.;REEL/FRAME:046963/0770

Effective date: 20161101

AS Assignment

Owner name: QUEST SOFTWARE INC., CALIFORNIA

Free format text: RELEASE OF FIRST LIEN SECURITY INTEREST IN PATENTS;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT;REEL/FRAME:059105/0479

Effective date: 20220201

Owner name: QUEST SOFTWARE INC., CALIFORNIA

Free format text: RELEASE OF SECOND LIEN SECURITY INTEREST IN PATENTS;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT;REEL/FRAME:059096/0683

Effective date: 20220201

Owner name: GOLDMAN SACHS BANK USA, NEW YORK

Free format text: FIRST LIEN INTELLECTUAL PROPERTY SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE INC.;ANALYTIX DATA SERVICES INC.;BINARYTREE.COM LLC;AND OTHERS;REEL/FRAME:058945/0778

Effective date: 20220201

Owner name: MORGAN STANLEY SENIOR FUNDING, INC., MARYLAND

Free format text: SECOND LIEN INTELLECTUAL PROPERTY SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE INC.;ANALYTIX DATA SERVICES INC.;BINARYTREE.COM LLC;AND OTHERS;REEL/FRAME:058952/0279

Effective date: 20220201

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8